Home › Forums › AWS › AWS Certified Solutions Architect Professional › Q Review on AWS Organizations & Control Tower › Reply To: Q Review on AWS Organizations & Control Tower
-
Hello m-agent,
Thank you for sharing your thoughts on this item. Take note that there are questions in the actual AWS exam that are difficult, tricky, and ambiguous. You have to be prepared to look for specific keywords or key phrases in order to find the most suitable answer. This is the style that we are trying to mimic in our practice tests. Some of the questions do not explicitly show the obvious keywords or phrases that will easily point to the answer.
Option 1 is about setting up AWS Organizations by sending invitations from the master account to all member accounts and creating an
OrganizationAccountAccessRole
IAM role in each member account. This option is recommended because it aligns with AWS best practices for centralized management and control. Although it may involve some initial manual steps, it offers seamless administrative control and policy management across all accounts once set up.Option 2, using AWS Control Tower, sets up and manages multiple AWS accounts. However, it will not automatically provision IAM permissions for all member accounts.
We recognize that this question can be further improved, and we will make the necessary updates, which should be reflected on the portal soon.
If you need further assistance or have additional suggestions, please share them with us. We are dedicated to improving our practice tests based on user feedback.
Best regards,
JR @ Tutorials Dojo