Question 234:
The company you are working for is prototyping a HIPAA-compliant application. You as a DevOps engineer have to automate the resource auditing process, including CIS AWS Foundations Benchmark requirements as an external compliance framework. The results have to be sent periodically as email notifications. Which statement is true when creating custom AWS Config rules via AWS Lambda function to model criteria meeting?
Answer options:
A.You develop custom rules and add them to AWS Config. Then, you can associate each custom rule with one out of the two AWS Lambda function blueprints only, which contains the predefined logic that evaluates whether your AWS resources comply with the rule. The Lambda function will require permission only to publish a message to Amazon SNS. The custom rule will require permission to query AWS Config. B.You develop custom rules and add them to AWS Config. Then, you can associate each custom rule with any AWS Lambda function blueprints only, which contains the predefined logic that evaluates whether your AWS resources comply with the rule. The custom rule will require permission only to publish a message to Amazon SNS. C.You develop custom rules and add them to AWS Config. Then, you associate each AWS Lambda function with a custom rule containing the logic that evaluates whether your AWS resources comply with the rule. The custom rule will require permission to query AWS Config and publish a message to Amazon SNS. D.You develop custom rules and add them to AWS Config. Then, you associate each custom rule with an AWS Lambda function containing the logic that evaluates whether your AWS resources comply with the rule. The Lambda function will require permission to query AWS Config and publish a message to Amazon SNS.