Answer-first summary for fast verification
Answer: Create an IAM role with the minimum required permissions for the pipeline to access the necessary services and assign it to the CodePipeline and CodeBuild.
To ensure secure and least privilege access for the CI/CD pipeline, you should create an IAM role with the minimum required permissions for the pipeline to access the necessary services and assign it to the CodePipeline and CodeBuild. This approach follows the principle of least privilege by granting the pipeline access only to the resources it needs. Option A provides excessive permissions, while options C and D are not recommended as they involve using the root account or manually configuring permissions, which can lead to security risks or errors.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is implementing a new CI/CD pipeline using AWS CodePipeline and AWS CodeBuild. You need to ensure that the pipeline has the necessary permissions to access other AWS services. Which of the following steps should you take to achieve this?
A
Create an IAM role with full access to all AWS services and assign it to the CodePipeline and CodeBuild.
B
Create an IAM role with the minimum required permissions for the pipeline to access the necessary services and assign it to the CodePipeline and CodeBuild.
C
Use the root account credentials to configure the pipeline to access the necessary services.
D
Manually configure the necessary permissions for each service in the pipeline configuration.