A company uses an organization in AWS Organizations to help separate its Amazon EC2 instances and VPCs. The company has separate OUs for development workloads and production workloads.
A security engineer must ensure that only AWS accounts in the production OU can write VPC flow logs to an Amazon S3 bucket. The security engineer is configuring the S3 bucket policy with a Condition element to allow the s3:PutObject action for VPC flow logs.
How should the security engineer configure the Condition element to meet these requirements?