Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 777 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 777
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company uses AWS Organizations for its multi-account AWS setup. The security organizational unit (OU) of the company needs to share approved Amazon Machine Images (AMIs) with the development OU. The AMIs are created by using AWS Key Management Service (AWS KMS) encrypted snapshots.

Which solution will meet these requirements? (Choose two.)

  • A. Add the development team's OU Amazon Resource Name (ARN) to the launch permission list for the AMIs.
  • B. Add the Organizations root Amazon Resource Name (ARN) to the launch permission list for the AMIs.
  • C. Update the key policy to allow the development team's OU to use the AWS KMS keys that are used to decrypt the snapshots.
  • D. Add the development team’s account Amazon Resource Name (ARN) to the launch permission list for the AMIs.
  • E. Recreate the AWS KMS key. Add a key policy to allow the Organizations root Amazon Resource Name (ARN) to use the AWS KMS key.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by Andy_09 at Feb. 6, 2024, 7:37 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Andy_09
Highly Voted 8 months, 1 week ago
Changing to options AC
upvoted 12 times
...
Scheldon
Most Recent 3 months, 3 weeks ago
Selected Answer: AC
AnswerAC Option A will allow to run/lunch AMIs Option C will allow to decript AMIs which is necessery to run AMI.
upvoted 1 times
...
cjace
4 months ago
CD - Solution C: Update the Key Policy Why: The AMIs are created using KMS-encrypted snapshots, so the KMS keys must allow the development team's accounts to use these keys for decrypting the snapshots. How: Update the key policy of the KMS key to include permissions for the development OU or specific accounts within that OU. This will enable those accounts to use the KMS key for decrypting the snapshots associated with the AMIs. Solution D: Add the Development Team’s Account ARN to the Launch Permission List Why: To share the AMIs with the development accounts, you need to grant launch permissions to those accounts. This allows the specified accounts to use the shared AMIs to launch instances. How: Add the ARNs of the development team's accounts to the launch permission list of the AMIs. This can be done using the modify-image-attribute command in the AWS CLI, specifying the account IDs that should have launch permissions.
upvoted 1 times
...
Mikado211
6 months, 3 weeks ago
Selected Answer: AC
A : give users the right to launch C : give users the right to decrypt
upvoted 3 times
...
osmk
7 months, 3 weeks ago
Selected Answer: AC
c=>https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/share-amis-with-organizations-and-OUs.html#allow-org-ou-to-use-key A-->https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/share-amis-with-organizations-and-OUs.html#share-amis-org-ou
upvoted 3 times
...
Andy_09
8 months, 1 week ago
Option CD
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel