Home › Forums › AWS › AWS Certified Solutions Architect Professional › Review exam -3
-
-
Hello, Samli!
Thank you for your patience and understanding.
“Define Service Control Policy (SCP) documents to only allow services and features defined by the parent company policy. Apply the necessary SCP for each subsidiary AWS account is correct”
The green highlighted options are correct because they involve using Service Control Policy (SCP) documents to limit access to only the services and features allowed by the parent AWS company’s policy. This means applying the right SCPs to each subsidiary AWS account, ensuring they follow the rules set by the parent AWS account.
On the other hand, the option to “Create an AWS account for the parent company and create a single AWS Organization with the Consolidated Billing feature set. Invite each subsidiary AWS account to join the parent company’s AWS Organization” is incorrect. While creating an AWS Organization is needed, using only the Consolidated Billing feature doesn’t meet the requirements. You can’t use SCPs to manage your member AWS accounts unless “All Features” is enabled. Consolidated Billing alone isn’t enough; you must enable “All features” to create and apply SCPs for each subsidiary.
If you have any questions or need further assistance, please don’t hesitate to ask. Happy to assist.
Thank you!
Regards,
Ace @ Tutorials Dojo
Log in to reply.