Answer-first summary for fast verification
Answer: Create a new IAM policy specifying allowed instance types and attach it to an IAM group containing developers’ accounts.
The correct answer is C. Creating a new IAM policy that specifies the allowed instance types and attaching it to an IAM group that contains the developers' IAM accounts ensures that developers can only launch instances of the specified types. This method is effective in controlling the instance types that developers can use, thus helping to manage costs more efficiently. Other options either do not directly limit the instance types or do not provide a comprehensive solution to the problem.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A large mobile gaming company has migrated its on-premises infrastructure to AWS. A solutions architect reviews the environment to ensure it aligns with the Well-Architected Framework. During a cost review in Cost Explorer, the architect identifies significant costs from launching and terminating large EC2 instances. It is discovered that developers are testing with inappropriate instance types. The architect needs to implement a control to restrict developers to specific instance types. Which solution meets this requirement?
A
Create a desired-instance-type managed rule in AWS Config, configure it with allowed instance types, and attach it to run each time a new EC2 instance is launched.
B
In the EC2 console, create a launch template specifying allowed instance types and assign it to developers’ IAM accounts.
C
Create a new IAM policy specifying allowed instance types and attach it to an IAM group containing developers’ accounts.
D
Use EC2 Image Builder to create an image pipeline for developers and assist in creating a golden image.
No comments yet.