Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 883 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 883
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company has deployed a multi-account strategy on AWS by using AWS Control Tower. The company has provided individual AWS accounts to each of its developers. The company wants to implement controls to limit AWS resource costs that the developers incur.

Which solution will meet these requirements with the LEAST operational overhead?

  • A. Instruct each developer to tag all their resources with a tag that has a key of CostCenter and a value of the developer's name. Use the required-tags AWS Config managed rule to check for the tag. Create an AWS Lambda function to terminate resources that do not have the tag. Configure AWS Cost Explorer to send a daily report to each developer to monitor their spending.
  • B. Use AWS Budgets to establish budgets for each developer account. Set up budget alerts for actual and forecast values to notify developers when they exceed or expect to exceed their assigned budget. Use AWS Budgets actions to apply a DenyAll policy to the developer's IAM role to prevent additional resources from being launched when the assigned budget is reached.
  • C. Use AWS Cost Explorer to monitor and report on costs for each developer account. Configure Cost Explorer to send a daily report to each developer to monitor their spending. Use AWS Cost Anomaly Detection to detect anomalous spending and provide alerts.
  • D. Use AWS Service Catalog to allow developers to launch resources within a limited cost range. Create AWS Lambda functions in each AWS account to stop running resources at the end of each work day. Configure the Lambda functions to resume the resources at the start of each work day.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by sandordini at April 30, 2024, 4:30 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
MatAlves
3 weeks, 3 days ago
Selected Answer: B
As beautifully explained in this article: https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-controls.html
upvoted 1 times
...
NSA_Poker
3 months, 4 weeks ago
Selected Answer: B
(A) is eliminated. 'send a daily report to each developer' can be ignored. (C) is eliminated. 'detect anomalous spending' won't stop the spending. (D) is eliminated. 'stop running resources at the end of each work day' won't stop developers from mining bitcoin ($$$) the next day. (B) is correct. 'actions to apply a DenyAll policy..' is the only solution that will 'implement controls to limit AWS resource costs that the developers incur.'
upvoted 2 times
MatAlves
3 weeks, 3 days ago
I'd definitely be mining bitcoin the next day...
upvoted 2 times
...
...
Scheldon
4 months, 2 weeks ago
Selected Answer: B
AnswerB https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-controls.html Taking into consideration that AWS Budgets is allowing to will inform you that you exceeded budged and execute actions like for example IAM actions to prevent running new resources in cloud, I think this option is a good and resonable move. In case of need budged can be always increased and "chains" disabled.
upvoted 4 times
...
f07ed8f
4 months, 3 weeks ago
Selected Answer: C
Seem AWS Budgets does not have DenyAll function but only Apply a custom Deny IAM policy that restricts the ability for a user, group, or role to provision additional Amazon EC2 resources
upvoted 2 times
...
BBR01
5 months, 2 weeks ago
Selected Answer: C
B and D are too aggressive. A - "Instruct each developer", nope, too much operational work.
upvoted 3 times
...
sandordini
5 months, 2 weeks ago
Selected Answer: B
My first instinct says B, but Im concerned about the central management abilities of AWS Budgets. It seems that even though it is not planned to be used primarily to control other accounts its still possible: "You can use actions to define an explicit response that you want to take when a budget exceeds its action threshold. You can trigger these alerts on actual or forecasted cost and usage budgets. 1. The management account sets the budget and threshold for the member account using budget filters. 2. When the budget threshold is breached, a budget action applies a restrictive SCP on the OU. So hopefully B :D
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel