Which solution will meet these requirements?

By:
In: DOP-C01
Tagged:
With: 1 Comment
A DevOps team supports many accounts across an organization in AWS Organizations.The DevOps team has decided to use AWS Coring across the organization to implement centralized automatic remediation of Amazon S3 buckets that have public ACLs.Individual accounts must not be able to modify the remediation strategy.

Which solution will meet these requirements?

Create an AWS Config conformance pack that contains a rule that checks for S3 buckets that have public ACLs. Configure the conformance pack to use an AWS Systems Manager Automation runbook to block public access to the S3 buckets. Deploy the conformance pack across the organization.

Configure AWS Config rules that detect S3 buckets that have public ACLs. Configure a remediation action that uses AWS Lambda to block public access to the S3 buckets. Use AWS CloudFormation StackSets to deploy the rules across the organization.

Configure AWS Config rules that detect S3 buckets that have public ACLs. Configure a remediation action that uses an AWS Systems Manager Automation runbook to block public access to the S3 buckets. Use AWS CloudFormation StackSets to deploy the rules across the organization.

Create an AWS Config conformance pack that contains a rule that checks for 53 buckets that have public ACLs. Configure the conformance pack to use an AWS Lambda function to block public access to the S3 buckets. Deploy the conformance pack across the organization.

2025-10-02

1 Comment

  1. Adam
    Author

    From my perspective, the answer is:
    Create an AWS Config conformance pack that contains a rule that checks for S3 buckets that have public ACLs. Configure the conformance pack to use an AWS Systems Manager Automation runbook to block public access to the S3 buckets. Deploy the conformance pack across the organization.

Leave a Reply to Adam Cancel reply

Your email address will not be published. Required fields are marked *

thirteen + 20 =