AWS Certified SysOps Administrator – Associate (legacy) — Question 558
A company recently performed a security audit of all its internal applications developed in house. Certain business-critical applications that handle sensitive data were flagged because they use Amazon ES clusters that are open for read/write to a wider user group that intended.
Who is responsible for correcting the issue?
Answer options
- A. AWS Premium Support
- B. the Amazon ES team
- C. the AWS IAM team
- D. a SysOps Administrator
Correct answer: A
Explanation
Under the AWS Shared Responsibility Model, configuring secure access policies is a customer responsibility, and AWS Premium Support is the designated resource to guide and assist the customer in resolving such configuration issues. Internal AWS service groups like the Amazon ES team and the AWS IAM team manage the underlying infrastructure and services, not individual customer configurations. Therefore, AWS Premium Support is responsible for assisting the customer with the correct remediation steps.