Member, August 18, 2020 at 11:27 pm
For the question –
There was a major incident that occurred in your company wherein the web application that you are supporting unexpectedly went down in the production environment. Upon investigation, it was found that a junior DevOps engineer terminated the EC2 instance in production which caused the disruption of service. Only the Solutions Architects should be allowed to stop or terminate instances in the production environment. You also found out that there are a lot of developers who have full access to your production AWS account.
One of the selected answers is –
Modify the associated IAM Role assigned to the developers and remove the policy that allows them to terminate EC2 instances in production.
Shouldn’t this be "Modify the associated IAM Policy…", NOT role? You don’t associate a role with a user.
Member, August 20, 2020 at 1:30 pm
Thanks for bringing up the question.
I think it is still correct. To avoid confusion, we will update the option to:
Modify the associated IAM Role assigned to the developers by removing the policy that allows them to terminate EC2 instances in production.
Gerome Pagatpatan @ Tutorials Dojo