SAP-C02 · Question #68
SAP-C02 Question #68: Real Exam Question with Answer & Explanation
The correct answer is B: Enable AWS Organizations, attach the AWS accounts, and create OUs tor European Regions. This policy uses the Deny effect to deny access to all requests for operations that don't target one of the two approved regions (eu-central-1 and eu-west-1). https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_examp les_general.html#example-scp-d
Question
A large company in Europe plans to migrate its applications to the AWS Cloud. The company uses multiple AWS accounts for various business group. A data privacy law requires the company to restrict developers' access to AWS European Regions only. What should the solutions architect do to meet this requirement with the LEAST amount of management overhead?
Options
- ACreate IAM users and IAM groups in each account.
- BEnable AWS Organizations, attach the AWS accounts, and create OUs tor European Regions
- CSet up AWS Single Sign-On and attach AWS accounts.
- DEnable AWS Organizations, attach the AWS accounts, and create OUs for European Regions
Explanation
This policy uses the Deny effect to deny access to all requests for operations that don't target one of the two approved regions (eu-central-1 and eu-west-1). https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_examp les_general.html#example-scp-deny-region
Community Discussion
No community discussion yet for this question.