Which actions can a DevOps Engineer take to meet this requirement?

Posted by: Pdfprep Category: DOP-C01 Tags: , ,

A company indexes all of its Amazon CloudWatch Logs on Amazon ES and uses Kibana to view a dashboard for actionable insight. The company wants to restrict user access to Kibana by user.

Which actions can a DevOps Engineer take to meet this requirement? (Choose two.)
A . Create a proxy server with user authentication in an Auto Scaling group, and restrict access of the Amazon ES endpoint to an Auto Scaling group tag.
B . Create a proxy server with user authentication and an Elastic IP address, and restrict access of the Amazon ES endpoint to the IP address.
C . Create a proxy server with AWS IAM user, and restrict access of the Amazon ES endpoint to the IAM user.
D . Use AWS SSO to offer user name and password protection for Kibana.
E . Use Amazon Cognito to offer user name and password protection for Kibana.

Answer: CE

Explanation:

Reference: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html

Leave a Reply

Your email address will not be published.