AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company uses AWS Organizations to create dedicated AWS accounts for each business unit to manage each business unit's account independently upon request. The root email recipient missed a notification that was sent to the root user email address of one account. The company wants to ensure that all future notifications are not missed. Future notifications must be limited to account administrators.
Which solution will meet these requirements?
Other
Community
UAnonymous
A
Configure the company’s email server to forward notification email messages that are sent to the AWS account root user email address to all users in the organization.
B
Configure all AWS account root user email addresses as distribution lists that go to a few administrators who can respond to alerts. Configure AWS account alternate contacts in the AWS Organizations console or programmatically.
C
Configure all AWS account root user email messages to be sent to one administrator who is responsible for monitoring alerts and forwarding those alerts to the appropriate groups.
D
Configure all existing AWS accounts and all newly created accounts to use the same root user email address. Configure AWS account alternate contacts in the AWS Organizations console or programmatically.
Explanation:
Explanation
Correct Answer: B
Why Option B is correct:
- Distribution lists for root user emails: By configuring AWS account root user email addresses as distribution lists, notifications are sent to multiple administrators, reducing the risk of a single person missing them.
- AWS account alternate contacts: AWS allows you to configure alternate contacts (billing, operations, security) who receive important notifications. This ensures notifications reach the right administrators directly.
- AWS Organizations integration: The solution mentions configuring these settings through AWS Organizations console or programmatically, which aligns with the company's use of AWS Organizations.
- Limited to account administrators: The solution ensures notifications go only to a few administrators, meeting the security requirement.
Why other options are incorrect:
Option A: Forwarding to all users violates the requirement that notifications must be limited to account administrators. This creates security risks and notification overload.
Option C: Relying on a single administrator creates a single point of failure and violates the requirement to ensure notifications are not missed. If that one administrator misses notifications, the problem persists.
Option D: Using the same root user email address for all accounts:
- Violates AWS best practices for account isolation
- Creates security risks by centralizing root access
- Doesn't properly address the notification distribution issue
- May not work with AWS Organizations policies that require unique email addresses
Key AWS Concepts:
- AWS Account Alternate Contacts: Allow you to specify additional email addresses to receive important notifications about your AWS account.
- AWS Organizations: Enables centralized management of multiple AWS accounts.
- Root User Email: The email address used to create the AWS account receives critical notifications; it's important to ensure this email is monitored.
Best Practice: Always configure alternate contacts and ensure root user emails are monitored by multiple administrators to avoid missing critical AWS notifications.
Comments
Loading comments...