Q16 — AWS SOA-C02 Ch.1

Question 16 of 100 | ← Chapter 1

A company is running workloads on premises and on AWS. A SysOps administrator needs to automate tasks across all servers on premises by using AWS services. The SysOps administrator must not install long-term credentials on the on-premises servers. What should the SysOps administrator do to meet these requirements?

Correct Answer: B. Create a managed-instance activation in AWS Systems Manager. Install the Systems Manager Agent (SSM Agent) on the on-premises servers. Register the servers with the activation code and ID from the instance activation.

Explanation

AWS Systems Manager支持混合环境管理,无需在本地服务器存储长期凭证。根据AWS文档,使用Systems Manager的托管实例激活功能,生成激活码和ID。在本地服务器安装SSM Agent后,使用激活信息注册,即可通过临时凭证安全连接AWS服务。选项A错误,因本地服务器无法附加IAM角色;选项C下载IAM策略无效;选项D使用长期凭证违反要求。正确方法参照Systems Manager混合环境注册流程。