What must the SysOps administrator do to fix this issue?

By:
On:
In: SOA-C02
Tagged:
With: 0 Comments
A company needs to take an inventory of applications that are running on multiple Amazon EC2 instances.The company has configured users and roles with the appropriate permissions for AWS Systems Manager.An updated version of Systems Manager Agent has been installed and is running on every instance.While configuring an inventory collection, a SysOps administrator discovers that not all the instances in a single subnet are managed by Systems Manager.

What must the SysOps administrator do to fix this issue?

Ensure that all the EC2 instances have the correct tags for Systems Manager access.

Configure AWS Identity and Access Management Access Analyzer to determine and automatically remediate the issue.

Ensure that all the EC2 instances have an instance profile with Systems Manager access.

Configure Systems Manager to use an interface VPC endpoint.

Explanations:

Tags are not required for Systems Manager access. They are used for organization but do not grant permissions or access to Systems Manager.

IAM Access Analyzer is used for policy validation and finding external access paths, not for managing Systems Manager or instance access.

EC2 instances need an instance profile with a role granting Systems Manager permissions. Without this, Systems Manager cannot manage the instances.

While an interface VPC endpoint for Systems Manager can help with connectivity issues in a private subnet, it is not required for Systems Manager access.

Leave a Reply

Your email address will not be published. Required fields are marked *

two × 2 =