A company has thousands of Amazon EC2 instances as well as hundreds of virtual machines on-premises. Developers routinely sign in to the console for on-premises systems to perform troubleshooting. The Developers want to sign in to AWS instances to run performance tools, but are unable to due to the lack of a central console logging system. A DevOps Engineer wants to ensure that console access is logged on all systems.
Which combination of steps will meet these requirements? (Choose two.)
A. Attach a role to all AWS instances that contains the appropriate permissions. Create an AWS Systems Manager managed-instance activation. Install and configure Systems Manager Agent on on-premises machines.
B. Enable AWS Systems Manager Session Manager logging to an Amazon S3 bucket. Direct Developers to connect to the systems with Session Manager only.
C. Enable AWS Systems Manager Session Manager logging to AWS CloudTrail. Direct Developers to continue normal sign-in procedures for on-premises. Use Session Manager for AWS instances.
D. Install and configure an Amazon CloudWatch Logs agent on all systems. Create an AWS Systems Manager managed-instance activation.
E. Set up a Site-to-Site VPN connection between the on-premises and AWS networks. Set up a bastion instance to allow Developers to sign in to the AWS instances.
Answer: AB