Multiple Choice
A company wants to ensure that the workloads for each of its business units have complete autonomy and a minimal blast radius in AWS. The Security team must be able to control access to the resources and services in the account to ensure that particular services are not used by the business units. How can a Solutions Architect achieve the isolation requirements?
A) Create individual accounts for each business unit and add the account to an OU in AWS Organizations. Modify the OU to ensure that the particular services are blocked. Federate each account with an IdP, and create separate roles for the business units and the Security team.
B) Create individual accounts for each business unit. Federate each account with an IdP and create separate roles and policies for business units and the Security team.
C) Create one shared account for the entire company. Create separate VPCs for each business unit. Create individual IAM policies and resource tags for each business unit. Federate each account with an IdP, and create separate roles for the business units and the Security team.
D) Create one shared account for the entire company. Create individual IAM policies and resource tags for each business unit. Federate the account with an IdP, and create separate roles for the business units and the Security team.
Correct Answer:
Verified
Correct Answer:
Verified
Q216: Your customer wishes to deploy an enterprise
Q217: A company provides AWS solutions to its
Q218: Your company runs a customer facing event
Q219: A user is running a critical batch
Q220: A company requires that all internal application
Q222: A company is migrating its on-premises systems
Q223: An organization is having an application which
Q224: A large company experienced a drastic increase
Q225: A solutions architect has an operational workload
Q226: A company currently runs a secure application