Your system recently experienced down time during the troubleshooting process. You found that a new
administrator mistakenly terminated several production EC2 instances.
Which of the following strategies will help prevent a similar situation in the future?
The administrator still must be able to:
– launch, start stop, and terminate development resources.
– launch and start production instances.
A.
Create an IAM user, which is not allowed to terminate instances by leveraging production EC2 termination
protection.
B.
Leverage resource based tagging along with an IAM user, which can prevent specific users from terminating
production EC2 resources.
C.
Leverage EC2 termination protection and multi-factor authentication, which together require users to
authenticate before terminating EC2 instances
D.
Create an IAM user and apply an IAM role which prevents users from terminating production EC2 instances.
D
I would got with B as we could leverage the resource based tagging.
Something mentioned here:
http://blogs.aws.amazon.com/security/post/Tx29HCT3ABL7LP3/Resource-level-Permissions-for-EC2-Controlling-Management-Access-on-Specific-Ins
Thanks michjojo
The answer is C.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html
To the extent that it’s practical, define the conditions under which your IAM policies allow access to a resource. For example, you can write conditions to specify a range of allowable IP addresses that a request must come from, or you can specify that a request is allowed only within a specified date range or time range. You can also set conditions that require the use of SSL or MFA (multifactor authentication). For example, you can require that a user has authenticated with an MFA device in order to be allowed to terminate an Amazon EC2 instance.
C is the best answer
By Choosing D, we loose the ability to terminate instance. Question is, how can the user/admin continue to start/stop servers. “C” seems to be the most appropriate solution here
B
I would go with B- for tagging.
Answer B
B
Well the optioni B is just talking about tagging and not setting any actual restrictions or policies for not allowing to terminate the production EC2 instance. Tags don’t have any semantic meaning to Amazon EC2 and are interpreted strictly as a string of characters.
I would go with option D.
C is wrong because it does not disable user from terminating instances.
D is wrong because it does not differentiate between production and development instances.
B is the right answer, see here:
https://aws.amazon.com/blogs/security/resource-level-permissions-for-ec2-controlling-management-access-on-specific-instances/
It does make differentiation, saying “..from terminating production ec2 instances”
D
Means that the role cannot differentiate between prod and test.
The question was: “Which of the following strategies will help prevent a similar situation in the future?”. There is no requirement to prevent the administrator from terminating an instance. In fact, there are likely times you will want to terminate an instance as an administrator. The requirement was for no more accidental termination of instances. Termination protection would solve that. Therefore, I like C as a better answer.
265 questions in before I disagreed with one of your answers. You know your AWS.
vladam you re right answer is B
Answer is B
B
https://aws.amazon.com/blogs/security/resource-level-permissions-for-ec2-controlling-management-access-on-specific-instances/
The blog link you provided is very helpful and informative. The best practice should be tagging and create tagging based policy.
None of the above is correct answer.
A. The new administrator can still ‘MISTAKENLY’ disable termination protection.
B. Tagging is the first step, should create policies and lock down tags, then attach policies to IAM users.
C. MFA cannot stop user from terminating a Dev instance, the question explicitly wants to take way permission to terminate Dev instances.
D. IAM role is designed to let applications securely make API requests from your instances, without requiring you to manage the security credentials that the applications use.
The solution should be 1. tagging, 2. create tagging based policies, 3. lock down tags, 4. attach policies to IAM user of the new administrator.
B should be the correct answer
A. EC2 termination protection is enabled on EC2 instance.
B. Identify production resources using tags and add explicit deny.
C. Still does not prevent user from terminating instance.
D. Role is not applied to User but assumed by the User also need a way to identify production EC2 instances.
B
B. Leverage resource based tagging along with an IAM user, which can prevent specific users from terminating production EC2 resources.
should is B
B
Should not create new IAM user and prod/dev marking is the most common usage of tagging