Examtopics

AWS Certified Solutions Architect - Associate
  • Topic 1 Question 668

    A company created a new organization in AWS Organizations. The organization has multiple accounts for the company's development teams. The development team members use AWS IAM Identity Center (AWS Single Sign-On) to access the accounts. For each of the company's applications, the development teams must use a predefined application name to tag resources that are created.

    A solutions architect needs to design a solution that gives the development team the ability to create resources only if the application name tag has an approved value.

    Which solution will meet these requirements?

    • Create an IAM group that has a conditional Allow policy that requires the application name tag to be specified for resources to be created.

    • Create a cross-account role that has a Deny policy for any resource that has the application name tag.

    • Create a resource group in AWS Resource Groups to validate that the tags are applied to all resources in all accounts.

    • Create a tag policy in Organizations that has a list of allowed application names.

