ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 261 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 261
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company has many separate AWS accounts and uses no central billing or management. Each AWS account hosts services for different departments in the company. The company has a Microsoft Azure Active Directory that is deployed.

A solutions architect needs to centralize billing and management of the company’s AWS accounts. The company wants to start using identity federation instead of manual user management. The company also wants to use temporary credentials instead of long-lived access keys.

Which combination of steps will meet these requirements? (Choose three.)

  • A. Create a new AWS account to serve as a management account. Deploy an organization in AWS Organizations. Invite each existing AWS account to join the organization. Ensure that each account accepts the invitation.
  • B. Configure each AWS account's email address to be aws+@example.com so that account management email messages and invoices are sent to the same place.
  • C. Deploy AWS IAM Identity Center (AWS Single Sign-On) in the management account. Connect IAM Identity Center to the Azure Active Directory. Configure IAM Identity Center for automatic synchronization of users and groups.
  • D. Deploy an AWS Managed Microsoft AD directory in the management account. Share the directory with all other accounts in the organization by using AWS Resource Access Manager (AWS RAM).
  • E. Create AWS IAM Identity Center (AWS Single Sign-On) permission sets. Attach the permission sets to the appropriate IAM Identity Center groups and AWS accounts.
  • F. Configure AWS Identity and Access Management (IAM) in each AWS account to use AWS Managed Microsoft AD for authentication and authorization.
Show Suggested Answer Hide Answer
Suggested Answer: ACE 🗳️
by psyx21 at June 21, 2023, 11:14 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
gd1
Highly Voted 10 months ago
Selected Answer: ACE
Yes ACE - A for a new Management account: C for SSO; E for permissions to IAM
upvoted 14 times
...
SkyZeroZx
Highly Voted 10 months ago
Selected Answer: ACE
A) Creating a master account to manage organizations on AWS and invite them sounds like a good idea and is recommended. B) Has no sense C ) In AWS Single Sign On adding Azure AD as trust sounds like a good idea and it is the usual way to do it as well as creating users and groups D ) Create an AD in AWS and share it? it doesn't make sense because there already exists one in azure which we will use E ) Creating the corresponding permission set and attaching it to the groups that were created usually makes sense. F ) again an AD created in AWS is not necessary because it already exists in Azure and you do not want to have another one again
upvoted 6 times
...
salazar35
Most Recent 5 months ago
Selected Answer: ACE
ACE make sense.
upvoted 1 times
...
career360guru
5 months ago
Selected Answer: ACE
A C and E options.
upvoted 1 times
...
ggrodskiy
9 months, 1 week ago
Correct ACE.
upvoted 1 times
...
Piccaso
9 months, 3 weeks ago
Selected Answer: ACE
D must be wrong.
upvoted 1 times
...
NikkyDicky
9 months, 3 weeks ago
Selected Answer: ACE
ACE IT!
upvoted 2 times
...
YodaMaster
9 months, 3 weeks ago
Selected Answer: ACE
this question scored an ACE
upvoted 1 times
...
SmileyCloud
10 months ago
Selected Answer: ACE
ACE - Management account, AWS SSO with Azure AD and permission sets
upvoted 1 times
...
SkyZeroZx
10 months ago
Selected Answer: ACE
Yes ACE - A for a new Management account: C for SSO; E for permissions to IAM
upvoted 1 times
...
PhuocT
10 months ago
Selected Answer: ACE
A, C and E
upvoted 1 times
...
MoussaNoussa
10 months, 1 week ago
ACE is the right answer
upvoted 1 times
...
psyx21
10 months, 1 week ago
Selected Answer: ACE
Correct Answer is ACE
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago