New Year Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A security engineer configures VPC Flow Logs and the associated IAM role to log all...

Amazon Web Services SCS-C02 Full Course Access
Amazon Web Services SCS-C02 View All Questions

A security engineer configures VPC Flow Logs and the associated IAM role to log all VPC traffic to a log group in Amazon CloudWatch Logs. After a wait of 10 minutes, no logs are appearing in the log group. The security engineer confirms that traffic is being sent to the VPC.

After additional debugging, the security engineer isolates the problem to the role that is associated with the VPC flow logs.

What could be the reason that the logs are not appearing in CloudWatch Logs?

A.

The logs:GetLogEvents permission is not granted in the role.

B.

The security engineer does not have permission to assume the role.

C.

The principal vpc-flow-logs.amazonaws.com does not have permission to assume the role.

D.

The role does not have permission to tag a CloudWatch Logs stream.

SCS-C02 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SCS-C02 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
A company needs to use HTTPS when connecting to its web applications to meet compliance...
During a manual review of system logs from an Amazon Linux EC2 instance, a Security...
Previous