A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies.
How should a solution architect address this issue?
A . Create an Amazon SNS topic to send an alert every time a developer create a new policy.
B . Use service control policies to disable IAM across all account in the organizational unit.
C . Prevent the developers from attaching any policies and duties to the security option team.
D . Set an IAM permission boundary on the developer IAM role that explicitly dries of attaching the administrator policy
Answer: D
Latest SAA-C02 Dumps Valid Version with 230 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund