A Development team wants to deploy an application using AWS CloudFormation stacks, but the Developer IAM role does not currently have the required permissions to provision the resources specified in the CloudFormation template. A DevOps Engineer is tasked with allowing Developers to deploy the stacks while following the principal of least privilege.
Which solution will meet these requirements?
A. Create an IAM policy that allows Developers to provision the required resources. Attach the policy to the Developer role.
B. Create an IAM policy that allows full access to CloudFormation. Attach the policy to the Developer role.
C. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role a cloudformation:* action.
D. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role the iam:PassRole permission.
Which solution will meet these requirements?
A. Create an IAM policy that allows Developers to provision the required resources. Attach the policy to the Developer role.
B. Create an IAM policy that allows full access to CloudFormation. Attach the policy to the Developer role.
C. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role a cloudformation:* action.
D. Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role the iam:PassRole permission.