A company indexes all of its Amazon CloudWatch Logs on Amazon ES and uses Kibana to view a dashboard for actionable insight. The company wants to restrict user access to Kibana by user.
Which actions can a DevOps Engineer take to meet this requirement? (Choose two.)
A . Create a proxy server with user authentication in an Auto Scaling group, and restrict access of the Amazon ES endpoint to an Auto Scaling group tag.
B . Create a proxy server with user authentication and an Elastic IP address, and restrict access of the Amazon ES endpoint to the IP address.
C . Create a proxy server with AWS IAM user, and restrict access of the Amazon ES endpoint to the IAM user.
D . Use AWS SSO to offer user name and password protection for Kibana.
E . Use Amazon Cognito to offer user name and password protection for Kibana.
Answer: CE
Explanation:
Reference: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html
Leave a Reply