DOP-C02 · Question #31
DOP-C02 Question #31: Real Exam Question with Answer & Explanation
The correct answer is A: Configure a delegated administrator account for AWS Config. Enable trusted access for AWS. https://aws.amazon.com/blogs/mt/org-aggregator-delegated-admin/ A - When enabling trust - the service-linked role will be created but not the other way around. E - the delegated account will be the account that manages AWS config so it should collect all
Question
A company has its AWS accounts in an organization in AWS Organizations. AWS Config is manually configured in each AWS account. The company needs to implement a solution to centrally configure AWS Config for all accounts in the organization The solution also must record resource changes to a central account. Which combination of actions should a DevOps engineer perform to meet these requirements? (Choose two.)
Options
- AConfigure a delegated administrator account for AWS Config. Enable trusted access for AWS
- BConfigure a delegated administrator account for AWS Config. Create a service-linked role for
- CCreate an AWS CloudFormation template to create an AWS Config aggregator. Configure a
- DCreate an AWS Config organization aggregator in the organization's management account.
- ECreate an AWS Config organization aggregator in the delegated administrator account. Configure
Explanation
https://aws.amazon.com/blogs/mt/org-aggregator-delegated-admin/ A - When enabling trust - the service-linked role will be created but not the other way around. E - the delegated account will be the account that manages AWS config so it should collect all
Topics
Community Discussion
No community discussion yet for this question.