Topic 1 Question 367
A large payroll company recently merged with a small staffing company. The unified company now has multiple business units, each with its own existing AWS account.
A solutions architect must ensure that the company can centrally manage the billing and access policies for all the AWS accounts. The solutions architect configures AWS Organizations by sending an invitation to all member accounts of the company from a centralized management account.
What should the solutions architect do next to meet these requirements?
Create the OrganizationAccountAccess IAM group in each member account. Include the necessary IAM roles for each administrator.
Create the OrganizationAccountAccessPolicy IAM policy in each member account. Connect the member accounts to the management account by using cross-account access.
Create the OrganizationAccountAccessRole IAM role in each member account. Grant permission to the management account to assume the IAM role.
Create the OrganizationAccountAccessRole IAM role in the management account. Attach the AdministratorAccess AWS managed policy to the IAM role. Assign the IAM role to the administrators in each member account.
ユーザの投票
コメント(9)
- 正解だと思う選択肢: C
C is the Answer: This setup enables centralized management of member accounts from the management account. Administrators in the management account can assume the OrganizationAccountAccessRole in member accounts to perform necessary actions, aligning with AWS best practices for Organizations. It simplifies the management and auditing of various accounts and ensures a standardized role exists across all accounts for consistent access control.
👍 7heatblur2023/11/25 - 正解だと思う選択肢: C
Answer: C
👍 3cypkir2023/11/21 - 正解だと思う選択肢: C
OrganizationAccountAccessRole is created in the member accounts and this role can be assumed by IAM users in the Management account to perform any actions in member accounts. Answer C.
👍 3shaaam802023/11/28
シャッフルモード