Which factors could cause this failure?

SOA-C02 V5 0 Comments

A company has an AWS Cloud Formation template that creates an Amazon S3 bucket. A user authenticates to the corporate AWS account with their Active Directory credentials and attempts to deploy the Cloud Formation template. However, the stack creation fails.

Which factors could cause this failure? (Select TWO.)
A . The user’s IAM policy does not allow the cloudformation:CreateStack action.
B . The user’s IAM policy does not allow the cloudformation:CreateStackSet action.
C . The user’s IAM policy does not allow the s3:CreateBucket action.
D . The user’s IAM policy explicitly denies the s3:ListBucket action.
E . The user’s IAM policy explicitly denies the s3:PutObject action

Answer: AC

Explanation:

Understand the Problem:

A user attempts to deploy a CloudFormation template to create an S3 bucket but the stack creation fails.

The user authenticates using Active Directory credentials.

Analyze the Requirements:

Identify permissions required for successful CloudFormation stack creation.

Evaluate the Options:

Option A: The user’s IAM policy does not allow the cloudformation:CreateStack action.

Without this permission, the user cannot create CloudFormation stacks.

Option B: The user’s IAM policy does not allow the cloudformation:CreateStackSet action.

StackSet is used for managing stacks across multiple accounts and regions, not relevant for a single stack creation.

Option C: The user’s IAM policy does not allow the s3:CreateBucket action.

This permission is required to create an S3 bucket as part of the stack.

Option D: The user’s IAM policy explicitly denies the s3:ListBucket action.

This permission is not required for bucket creation but for listing existing buckets.

Option E: The user’s IAM policy explicitly denies the s3:PutObject action.

This permission is required to put objects in a bucket, not to create the bucket.

Select the Best Solution:

Option A and C: The user must have permissions for cloudformation:CreateStack and s3:CreateBucket to successfully create the stack and the S3 bucket.

Reference: AWS CloudFormation Permissions

IAM Policies and Permissions

Ensuring the user has the required permissions for cloudformation:CreateStack and s3:CreateBucket is crucial for successful stack creation.

Latest SOA-C02 Dumps Valid Version with 54 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SOA-C02 PDF     SOA-C02 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments