A company wants to improve operational excellence by automatically remediating non-compliant AWS resources. For example, if an S3 bucket is created without versioning enabled, it should be automatically enabled. Which combination of services achieves this?

Answer options:

AWS CloudTrail and AWS Lambda.

AWS Config rules and AWS Systems Manager Automation documents.

AWS Trusted Advisor and Amazon EventBridge.

AWS Security Hub and AWS Step Functions.

How to approach this question

Identify the native AWS pairing for compliance detection and automated remediation.

Full Answer

B.AWS Config rules and AWS Systems Manager Automation documents.✓ Correct

AWS Config rules evaluate resource compliance. You can associate AWS Systems Manager Automation documents as remediation actions to automatically fix non-compliant resources.

Common mistakes

Thinking custom Lambda functions are required for basic remediations.

Question 42 All questions Question 44

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 6

75 questions · hints · full answers · grading

More questions from this exam

Q01A global enterprise requires highly available hybrid connectivity between its on-premises data ce...Hard Q02An organization has 50 VPCs across two AWS Regions connected via Transit Gateways (TGW). The TGWs...Hard Q03A company uses AWS Organizations. The network team wants to share a central Transit Gateway (TGW)...Medium Q04An enterprise has on-premises data centers in the US and Europe. They want to use the AWS global ...Hard Q05A company requires that all API calls to Amazon S3 from their VPC must not traverse the public in...Medium

View all 75 questions →