Answer-first summary for fast verification
Answer: From the management account, assume the OrganizationAccountAccessRole using the account ID of the new member account to switch roles. Then, set up the required IAM users.
The correct answer is B. By assuming the OrganizationAccountAccessRole from the management account, you get temporary, controlled access to the new member account. You can obtain the account ID of the new member account and use it to switch roles. This approach avoids sharing the root account credentials or creating separate IAM users for cross-account access, enhancing security and reducing administrative overhead.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A financial company is setting up a new AWS account for a digital wallet application using AWS Organizations. The solutions architect plans to use the IAM user Support1 from the management account to establish this new member account, with finance1@example.com designated as the email address. How should the solutions architect proceed to create IAM users within the newly created member account?
A
Sign in to the AWS Management Console using the root user credentials for the new account, utilizing the 64-character password provided in the initial AWS Organizations email sent to finance1@example.com. Proceed to configure the necessary IAM users.
B
From the management account, assume the OrganizationAccountAccessRole using the account ID of the new member account to switch roles. Then, set up the required IAM users.
C
Navigate to the AWS Management Console sign-in page, select “Sign in using root account credentials,” and log in using the email address finance1@example.com along with the root password of the management account. After logging in, create the IAM users as needed.
D
Access the AWS Management Console sign-in page and log in using the account ID of the new member account in conjunction with the Support1 IAM user credentials. Once logged in, establish the IAM users.
No comments yet.