A company is using AWS to run a long-running analysis process on data that is stored in Amazon S3 buckets. The process runs on a fleet of Amazon EC2 instances that are in an Auto Scaling group. The EC2 instances are deployed in a private subnet of a VPC that does not have internet access. The EC2 instances and the S3 buckets are in the same AWS account.
The EC2 instances access the S3 buckets through an S3 gateway endpoint that has the default access policy. Each EC2 instance is associated with an instance profile role that has a policy that explicitly allows the s3:GetObject action and the s3:PutObject action for only the required S3 buckets.
The company learns that one or more of the EC2 instances are compromised and are exfiltrating data to an S3 bucket that is outside the company's organization in AWS Organizations. A security engineer must implement a solution to stop this exfiltration of data and to keep the EC2 processing job functional.
Which solution will meet these requirements?
kejam
Highly Voted 1 year, 8 months agoNoCrapEva
1 year, 5 months agoAgboolaKun
1 year, 7 months agoRaphaello
1 year, 4 months ago1c7c461
Highly Voted 1 year, 6 months agob5f86df
Most Recent 1 month ago2f5c7cd
1 month, 1 week agoAWSLoverLoverLoverLoverLover
4 months, 2 weeks agoAWSLoverLoverLoverLoverLover
4 months, 3 weeks agoIPLogic
7 months, 1 week agomzeynalli
8 months agojakie22332
8 months, 1 week agoicecool36
1 year, 2 months ago9bb8cb3
1 year, 2 months agoion_gee
1 year, 3 months agoNoexperience
1 year, 4 months agobkbaws
1 year, 4 months agoRaphaello
1 year, 5 months agoLazyAutonomy
1 year, 5 months agoLazyAutonomy
1 year, 5 months agomark16dc
1 year, 5 months ago