An administrator is deploying an NC2 cluster and observes that it uses a CloudFormation stack to create IAM roles. Which statement is correct regarding the required permissions for the administrator when running this script?
A. When running the CloudFormation script, the administrator must log into the AWS account with a user role that has the IAMFullAccess and AWSCloudFormationFullAccess permissions.
B. Information about the CloudFormation stack can be viewed, namely Nutanix-Clusters-High-Nc2-Cloud-Stack-Prod, on the Stacks page of the CloudFormation console.
C. After running the CloudFormation template, the administrator will never need to run it again.
D. If an AWS account has already been added to an organization and the administrator wants to add the same AWS account to another organization, the CloudFormation template will need to be created again.
To successfully onboard an AWS account into the NC2 console, the administrator must deploy a specific CloudFormation stack that establishes the necessary trust relationship and permissions. This process is highly sensitive as it involves the creation of IAM roles that allow Nutanix to orchestrate AWS resources. Consequently, the user executing this script must possess IAMFullAccess to create and modify these security identities and AWSCloudFormationFullAccess to manage the lifecycle of the stack itself. Without these high-level administrative permissions, the deployment will fail, preventing NC2 from obtaining the "secret" keys and roles required to launch bare-metal instances. This one-time setup is fundamental to the security architecture of the hybrid cloud environment.