You are tasked with implementing Service Control Policies (SCPs) in AWS Organizations to enforce a policy that limits the use of the root account. Describe how you would design and deploy these SCPs, including specific actions or services you would restrict to enhance security.

Simulated

Deploy SCPs that completely disable the root account usage across all accounts.

33.3%

Create SCPs that restrict actions like creating access keys for the root user, disabling MFA, and using the root user for API calls, while allowing necessary administrative tasks through IAM roles.

66.7%

Use SCPs to monitor root account usage without restricting any actions.

0.0%

Disable SCPs and rely on IAM policies to manage root account usage.

0.0%

AWS Certified Security - Specialty

Get started today

Comments

You are tasked with implementing Service Control Policies (SCPs) in AWS Organizations to enforce a policy that limits the use of the root account. Describe how you would design and deploy these SCPs, including specific actions or services you would restrict to enhance security.