Answer-first summary for fast verification
Answer: Developing a service control policy at the root organizational unit for service or action access control.
The correct answer is D. A service control policy (SCP) in AWS Organizations allows you to manage access to AWS services or actions across multiple accounts within an organization. By applying the SCP at the root organizational unit (OU), you can ensure that the policy is enforced across all accounts in a scalable manner. This approach provides a single point of administration for permissions, making it easier to manage and maintain security policies consistently across the organization. Options A, B, and C do not offer the same level of centralized and scalable management as an SCP.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can a solutions architect restrict access to certain services or actions across multiple AWS accounts within a large organization, ensuring a scalable and centralized management approach?
A
Implementing ACLs for service or action access.
B
Utilizing security groups for account allowances and user group attachments.
C
Establishing cross-account roles with denial of service or action access.
D
Developing a service control policy at the root organizational unit for service or action access control.
No comments yet.