Examtopics

コメント(7)

• D. Service control policies (SCPs) are one type of policy that you can use to manage your organization. SCPs offer central control over the maximum available permissions for all accounts in your organization, allowing you to ensure your accounts stay within your organization's access control guidelines. See https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html.

  👍 12

  Nigma2022/11/15
• 正解だと思う選択肢: D

  To limit access to specific services or actions in all of the team's AWS accounts and maintain a single point where permissions can be managed, the solutions architect should create a service control policy (SCP) in the root organizational unit to deny access to the services or actions (Option D).

  Service control policies (SCPs) are policies that you can use to set fine-grained permissions for your AWS accounts within your organization. SCPs are attached to the root of the organizational unit (OU) or to individual accounts, and they specify the permissions that are allowed or denied for the accounts within the scope of the policy. By creating an SCP in the root organizational unit, the security team can set permissions for all of the accounts in the organization from a single location, ensuring that the permissions are consistently applied across all accounts.

  👍 4

  Buruguduystunstugudunstuy2022/12/22
• 正解だと思う選択肢: D

  SCP for organization

  👍 2

  goatbernard2022/11/15