An IT firm has deployed web applications using Amazon EC2 instances.
Team members in the operations team do not have permission to restart Amazon EC2 instances.
The Operations Head is exploring an option to enable team members to restart EC2 instances using AWS Systems Manager runbooks and is seeking your support to create the appropriate permissions.
While assigning permissions, there should not be any deviation in the least privilege access guidelines established by the Security Team. Which permission needs to be assigned to enable members to restart the EC2 instance?
A. B. C. D.
Correct Answer: A.
Runbooks run in the context of the user who initiated the runbooks.
In the above case, team members will need permission to restart an Amazon EC2 instance, which the runbooks will use.
Another option is to use service roles.
With service roles, runbooks are run against the AWS resource, and users who initiated the runbooks do not require permission to restart the Amazon EC2 instance.
Option B is incorrect as using a service role is a preferred option instead of using an administrator account to initiate runbooks.
Options C & D are incorrect as they would go against the least privilege permission guidelines.
For more information on running runbooks with service roles, refer to the following URL:
https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-walk-security-delegated.html

The correct answer to this question is C. Create a runbook to restart an Amazon EC2 instance allowing team members 'AmazonSSMFullAccess' permissions to restart a specific Amazon EC2 instance.
Explanation:
To enable team members to restart Amazon EC2 instances using AWS Systems Manager Runbooks, the necessary permission needs to be granted to them. However, it is important to ensure that the permissions granted do not deviate from the least privilege access guidelines established by the Security Team.
To grant the required permissions to the team members, we need to create a runbook that enables them to restart the Amazon EC2 instances. Additionally, we need to ensure that the team members have access only to the specific instances they need to manage and not all instances running in the AWS account.
Hence, the correct approach is to create a runbook that allows team members the 'AmazonSSMFullAccess' permission. This permission provides full access to all AWS Systems Manager capabilities, including the ability to start and stop EC2 instances. However, we need to ensure that the permission is scoped only to the specific instances that the team members need to manage, and not all instances.
Therefore, the correct option is C. Create a runbook to restart an Amazon EC2 instance allowing team members 'AmazonSSMFullAccess' permissions to restart a specific Amazon EC2 instance.
Option A is incorrect because it does not provide any information about how the permission will be granted to team members, and it does not ensure that the permission is scoped to the specific instances that they need to manage.
Option B is incorrect because running the runbook as an administrator instead of a user does not provide any additional security or access control. It still allows team members to perform all operations without scoping to specific instances.
Option D is incorrect because granting full permissions to restart an EC2 instance is not in line with the least privilege access guidelines established by the Security Team. It is important to ensure that permissions granted are scoped to only the necessary resources and operations that the team members need to perform their job responsibilities.
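The two permission models described in the first answer above (the runbook running in the context of the calling user, versus the runbook running with a service role) can be written out as IAM policy documents and checked. The following is an added example, not part of the original question or of either answer: it builds both policies scoped to a single instance, plus the policy for the service role, and includes a minimal evaluator that shows what each document does and does not allow. The region, account id, instance ids and the role name `SSMAutomationRestartRole` are constructed placeholders; the runbook `AWS-RestartEC2Instance` is an AWS-owned Automation document. The evaluator honours Allow/Deny and wildcards but does not evaluate `Condition` blocks, so it is a teaching aid, not a substitute for the IAM policy simulator.

```python
"""Added example: least-privilege IAM policies for restarting one EC2 instance
through the AWS-RestartEC2Instance runbook, in both the user-context and the
service-role model, with a small evaluator to compare what they grant."""
import fnmatch
import json

REGION = "us-east-1"                      # constructed
ACCOUNT = "111122223333"                  # constructed placeholder account id
INSTANCE_ID = "i-0123456789abcdef0"       # constructed: the one instance ops may restart
OTHER_INSTANCE_ID = "i-0fedcba9876543210" # constructed: an instance ops must not touch
# AWS-owned documents have an empty account field in the ARN
RUNBOOK_ARN = f"arn:aws:ssm:{REGION}::automation-definition/AWS-RestartEC2Instance:$DEFAULT"
AUTOMATION_ROLE_ARN = f"arn:aws:iam::{ACCOUNT}:role/SSMAutomationRestartRole"  # hypothetical role name


def instance_arn(instance_id: str) -> str:
    return f"arn:aws:ec2:{REGION}:{ACCOUNT}:instance/{instance_id}"


def user_context_policy(instance_id: str) -> dict:
    """Model 1: the runbook runs as the calling user, so the user must hold
    ec2:RebootInstances, scoped to one instance ARN rather than instance/*."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "ssm:StartAutomationExecution", "Resource": RUNBOOK_ARN},
            {"Effect": "Allow", "Action": "ssm:GetAutomationExecution",
             "Resource": f"arn:aws:ssm:{REGION}:{ACCOUNT}:automation-execution/*"},
            {"Effect": "Allow", "Action": "ec2:RebootInstances", "Resource": instance_arn(instance_id)},
        ],
    }


def service_role_policy() -> dict:
    """Model 2: the user may only start the runbook and pass it the service
    role; the reboot permission lives on the role (automation_role_policy)."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "ssm:StartAutomationExecution", "Resource": RUNBOOK_ARN},
            {"Effect": "Allow", "Action": "iam:PassRole", "Resource": AUTOMATION_ROLE_ARN,
             # restrict which service may receive the role
             "Condition": {"StringEquals": {"iam:PassedToService": "ssm.amazonaws.com"}}},
        ],
    }


def automation_role_policy(instance_id: str) -> dict:
    """Permissions attached to the service role that Automation assumes."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "ec2:RebootInstances", "Resource": instance_arn(instance_id)},
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def is_allowed(policy: dict, action: str, resource: str) -> bool:
    """Minimal identity-policy evaluation: an explicit Deny wins, otherwise any
    matching Allow grants, otherwise implicit deny. Actions are matched
    case-insensitively with * and ? wildcards; Condition blocks are ignored."""
    allowed = False
    for stmt in policy["Statement"]:
        action_hit = any(fnmatch.fnmatchcase(action.lower(), a.lower())
                         for a in _as_list(stmt["Action"]))
        resource_hit = any(fnmatch.fnmatchcase(resource, r)
                           for r in _as_list(stmt["Resource"]))
        if not (action_hit and resource_hit):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


if __name__ == "__main__":
    checks = [
        ("user-context", user_context_policy(INSTANCE_ID)),
        ("service-role (user side)", service_role_policy()),
        ("service-role (role side)", automation_role_policy(INSTANCE_ID)),
    ]
    for name, policy in checks:
        for inst in (INSTANCE_ID, OTHER_INSTANCE_ID):
            ok = is_allowed(policy, "ec2:RebootInstances", instance_arn(inst))
            print(f"{name}: ec2:RebootInstances on {inst} -> {ok}")
        print(f"{name}: ec2:TerminateInstances on {INSTANCE_ID} -> "
              f"{is_allowed(policy, 'ec2:TerminateInstances', instance_arn(INSTANCE_ID))}")
    print(json.dumps(service_role_policy(), indent=2))
```

The point the evaluator makes visible is that in the user-context model the reboot right sits on the person, while in the service-role model the person can start the runbook and pass the role but cannot reboot anything directly; in both models the resource ARN, not a managed `FullAccess` policy, is what keeps the grant to a single instance.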