Answer-first summary for fast verification
Answer: Create an IAM role for AWS Budgets to run budget actions with the required permissions., Use AWS Budgets to create a budget. Set the budget amount under the Billing dashboards of the required AWS accounts., Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate service control policy (SCP) to prevent provisioning of additional resources.
## Explanation **Correct Answers: B, D, F** ### Why these options are correct: 1. **B - Use AWS Budgets to create a budget. Set the budget amount under the Billing dashboards of the required AWS accounts.** - AWS Budgets is the correct service for budget management and monitoring - Budgets are created in the Billing dashboard, not in Cost and Usage Reports - This allows setting different budgets for different AWS accounts 2. **D - Create an IAM role for AWS Budgets to run budget actions with the required permissions.** - AWS Budgets requires an IAM role (not an IAM user) to execute budget actions - The role must have appropriate permissions to perform actions like applying SCPs - IAM roles are the recommended approach for service-to-service interactions 3. **F - Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate service control policy (SCP) to prevent provisioning of additional resources.** - Alerts notify when budget thresholds are met - Service Control Policies (SCPs) are the correct mechanism to prevent resource provisioning in AWS Organizations - SCPs can deny specific actions across member accounts when budget thresholds are exceeded ### Why other options are incorrect: **A - Incorrect**: Budgets are not set in Cost and Usage Reports section. Cost and Usage Reports are for detailed billing data, not for budget configuration. **C - Incorrect**: AWS Budgets uses IAM roles (not IAM users) to execute budget actions. IAM users are for human access, while roles are for service-to-service interactions. **E - Incorrect**: AWS Config rules are for compliance and configuration management, not for preventing resource provisioning based on budget thresholds. SCPs are the correct mechanism for this purpose in AWS Organizations. ### Key AWS Services Involved: 1. **AWS Budgets**: For creating budgets, setting thresholds, and triggering actions 2. **AWS Organizations**: For managing multiple accounts and applying SCPs 3. **Service Control Policies (SCPs)**: For preventing resource provisioning when budget thresholds are met 4. **IAM Roles**: For granting AWS Budgets permissions to execute actions This solution provides automated budget enforcement across multiple AWS accounts within an organization.
Ultimate access to all questions.
No comments yet.
Author: LeetQuiz Editorial Team
A company uses AWS Organizations. The company wants to operate some of its AWS accounts with different budgets. The company wants to receive alerts and automatically prevent provisioning of additional resources on AWS accounts when the allocated budget threshold is met during a specific period.
Which combination of solutions will meet these requirements? (Choose three.)
A
Use AWS Budgets to create a budget. Set the budget amount under the Cost and Usage Reports section of the required AWS accounts.
B
Use AWS Budgets to create a budget. Set the budget amount under the Billing dashboards of the required AWS accounts.
C
Create an IAM user for AWS Budgets to run budget actions with the required permissions.
D
Create an IAM role for AWS Budgets to run budget actions with the required permissions.
E
Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate config rule to prevent provisioning of additional resources.
F
Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate service control policy (SCP) to prevent provisioning of additional resources.