An employee keeps terminating EC2 instances in the production environment.
You've determined the best way to ensure this doesn't happen is to add an extra layer of defense against terminating the instances.
Which of the following methods is the most appropriate one to add security protection that prevents the employee from terminating the production instances?
Answer: A.
Option A is CORRECT because applying the IAM policy restriction would prevent the employee from terminating the production EC2 instance.
Option B is incorrect because this will not allow the entire employee group to terminate the EC2 instance.
The ask is only for a specific employee.
Option C is incorrect because adding an additional level of protection using MFA cannot fully prevent the user from terminating the production instances.
With option A, the explicit deny rule can stop the employee from terminating the production instances.
Option D is incorrect because the requirement is only to block termination of the production EC2 instances, not all instances.
The best method to add an extra layer of defense against an employee terminating EC2 instances in the production environment is to use the following approach:
A. Tag the instance with a production-identifying tag and add resource-level permissions to the IAM policy of the employee user with an explicit deny on the terminate API call to instances with the production tag.
Explanation:
Tagging instances with a production-identifying tag helps to easily identify instances that are critical to the organization and should not be terminated without proper authorization. Adding resource-level permissions to the IAM policy of the employee user with an explicit deny on the terminate API call to instances with the production tag ensures that the user cannot terminate the instance even if they try to do so.
This approach ensures that only users with the appropriate permissions can terminate production instances. It is also a simple and effective method to implement as it does not require any additional infrastructure or configuration changes.
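The policy described in option A, as an added example that is not part of the original question or answer: an Allow for EC2 operations followed by an explicit Deny on `ec2:TerminateInstances` conditioned on the instance's resource tag. The tag key `Environment` with value `production`, the account ID, the instance IDs and the tag inventory are all constructed for illustration, and the `evaluate` function is a deliberately simplified model of IAM's "explicit deny wins" rule, not the real IAM engine.

```python
import fnmatch
import json

# Assumed tag used to mark production instances (the page only says
# "a production-identifying tag").
PROD_TAG_KEY = "Environment"
PROD_TAG_VALUE = "production"

# Identity policy attached to the employee: broad EC2 access, plus an
# explicit Deny on TerminateInstances for instances carrying the production tag.
EMPLOYEE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowEc2Operations",
            "Effect": "Allow",
            "Action": "ec2:*",
            "Resource": "*",
        },
        {
            "Sid": "DenyTerminateProduction",
            "Effect": "Deny",
            "Action": "ec2:TerminateInstances",
            "Resource": "arn:aws:ec2:*:*:instance/*",
            "Condition": {
                "StringEquals": {f"ec2:ResourceTag/{PROD_TAG_KEY}": PROD_TAG_VALUE}
            },
        },
    ],
}


def policy_json() -> str:
    """Render the policy document as it would be passed to put-user-policy."""
    return json.dumps(EMPLOYEE_POLICY, indent=2)


# Constructed sample inventory: instance ARN -> tags (account and IDs are fake).
INSTANCES = {
    "arn:aws:ec2:us-east-1:123456789012:instance/i-0prod000000000001": {
        "Environment": "production", "Name": "web-1"},
    "arn:aws:ec2:us-east-1:123456789012:instance/i-0dev0000000000001": {
        "Environment": "dev", "Name": "web-dev"},
    "arn:aws:ec2:us-east-1:123456789012:instance/i-0untagged000000001": {},
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _statement_matches(stmt, action, resource, tags):
    """True if the statement's Action, Resource and tag Condition all match."""
    if not any(fnmatch.fnmatchcase(action, a) for a in _as_list(stmt["Action"])):
        return False
    if not any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])):
        return False
    # Only StringEquals on ec2:ResourceTag/<key> is modeled here. A missing tag
    # means the condition key is absent, so the condition evaluates to false.
    for key, expected in stmt.get("Condition", {}).get("StringEquals", {}).items():
        if not key.startswith("ec2:ResourceTag/"):
            return False
        if tags.get(key[len("ec2:ResourceTag/"):]) != expected:
            return False
    return True


def evaluate(policy, action, resource, tags):
    """Simplified IAM decision: any matching Deny wins, else Allow if matched,
    else implicit deny."""
    decision = "ImplicitDeny"
    for stmt in policy["Statement"]:
        if _statement_matches(stmt, action, resource, tags):
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"
            decision = "Allow"
    return decision


def can_terminate(instance_arn):
    """Decision for the employee calling ec2:TerminateInstances on one instance."""
    return evaluate(EMPLOYEE_POLICY, "ec2:TerminateInstances",
                    instance_arn, INSTANCES[instance_arn])


if __name__ == "__main__":
    print(policy_json())
    for arn in INSTANCES:
        print(arn.rsplit("/", 1)[1], "->", can_terminate(arn))
```

The deny is only as strong as the tag it keys on: if the same employee can remove or change the `Environment` tag, the deny no longer matches. A companion Deny on `ec2:DeleteTags` and `ec2:CreateTags` for that tag key (using the `aws:TagKeys` condition key) closes that gap, and CloudTrail entries for `TerminateInstances` with an `AccessDenied` error code give the detection signal that the control is being tested.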
Option B may not be effective as it only limits the employee's ability to terminate the instance, but does not prevent it entirely. Option C may add an extra layer of security, but it does not prevent the employee from terminating the instance if they have the necessary IAM permissions. Option D is not a suitable option as it requires MFA before deleting all EC2 instances, which may be too restrictive for non-production instances.
In conclusion, option A is the most appropriate method to add an extra layer of security to prevent an employee from terminating production EC2 instances.