🔥 3-day streak
AWS Certified CloudOps Engineer - Associate38 / 159
Question 38 of 159
A CloudOps engineer manages a security baseline (AWS Config rules, IAM roles, and CloudTrail configuration) deployed to 40 member accounts using a CloudFormation StackSet with service-managed permissions across an AWS Organization. Compliance auditors report that some member accounts have had resources manually modified outside of CloudFormation. The engineer needs to identify which stack instances no longer match the StackSet template's expected configuration, with the least operational effort. What should the engineer do?
Reviewed for accuracy · Report an issueNext question