A company with numerous AWS accounts has introduced a centralized procedure for acquiring and altering Reserved Instances. This new process mandates that all business units must forward their requests for Reserved Instance purchases or modifications to a specialized procurement team. Previously, these units independently managed their Reserved Instance transactions within their individual AWS accounts. To ensure the secure enforcement of this new process, what two actions should a solutions architect implement?

Exam-Like

Integrate all AWS accounts into an AWS Organizations setup with full features activated.

21.4%

Employ AWS Config to monitor the application of an IAM policy that prohibits the ec2:PurchaseReservedInstancesOffering and ec2:ModifyReservedInstances actions.

0.0%

Develop an IAM policy in each AWS account that restricts the ec2:PurchaseReservedInstancesOffering and ec2:ModifyReservedInstances actions.

14.3%

Formulate an SCP that disallows the ec2:PurchaseReservedInstancesOffering and ec2:ModifyReservedInstances actions, and apply this SCP to every organizational unit within the AWS structure.

50.0%

Incorporate all AWS accounts into an AWS Organizations framework that leverages consolidated billing capabilities.

14.3%

AWS Certified Solutions Architect - Professional

Get started today

Comments