A company has a new requirement stating that all resources in AWS must be tagged according to a set policy.
Which AWS service should be used to enforce and continually identify all resources that are not in compliance with the policy?
A . AWS CloudTrail
B . Amazon Inspector
C . AWSConfig
D . AWS Systems Manager
Answer: C
Explanation:
Understand the Problem:
All AWS resources must be tagged according to a company policy.
Continuous identification and enforcement of non-compliant resources are required.
Analyze the Requirements:
Monitor resources for compliance with tagging policies.
Enforce tagging policies and provide ongoing compliance reporting.
Evaluate the Options:
Option A: AWS CloudTrail.
Tracks user activity and API usage but does not enforce tagging policies.
Option B: Amazon Inspector.
Provides security assessments but does not monitor or enforce resource tagging.
Option C: AWS Config.
Monitors and evaluates the configurations of AWS resources.
AWS Config rules can be used to enforce tagging policies and continuously monitor compliance.
Option D: AWS Systems Manager.
Provides operational insights and management but does not specifically enforce tagging compliance.
Select the Best Solution:
Option C: AWS Config is designed for compliance and configuration monitoring, making it the ideal service for enforcing and identifying non-compliant resource tags.
Reference: AWS Config
Managing Resource Tag Compliance with AWS Config
AWS Config provides the necessary tools to enforce and monitor resource tagging compliance, ensuring all resources adhere to the set policy.
Latest SOA-C02 Dumps Valid Version with 54 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund