Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 894 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 894
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company has a project that is launching Amazon EC2 instances that are larger than required. The project's account cannot be part of the company's organization in AWS Organizations due to policy restrictions to keep this activity outside of corporate IT. The company wants to allow only the launch of t3.small
EC2 instances by developers in the project's account. These EC2 instances must be restricted to the us-east-2 Region.
What should a solutions architect do to meet these requirements?

  • A. Create a new developer account. Move all EC2 instances, users, and assets into us-east-2. Add the account to the company's organization in AWS Organizations. Enforce a tagging policy that denotes Region affinity.
  • B. Create an SCP that denies the launch of all EC2 instances except t3.small EC2 instances in us-east-2. Attach the SCP to the project's account.
  • C. Create and purchase a t3.small EC2 Reserved Instance for each developer in us-east-2. Assign each developer a specific EC2 instance with their name as the tag.
  • D. Create an IAM policy than allows the launch of only t3.small EC2 instances in us-east-2. Attach the policy to the roles and groups that the developers use in the project's account.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by gnic at Aug. 31, 2022, 9:50 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
gnic
Highly Voted 2 years, 1 month ago
Selected Answer: D
It's D. Question says "The project's account cannot be part of the company's organization in AWS Organizations", so how we can use SCP?????
upvoted 16 times
sumaju
9 months, 3 weeks ago
SCP can be attached at account level.
upvoted 1 times
...
...
janvandermerwer
Most Recent 1 year, 11 months ago
Selected Answer: D
"The project's account CANNOT be part of the company's organization in AWS Organizations due to policy restrictions to keep this activity outside of corporate IT" A = Not applicable B = SCP requires organisations C = High admin overhead - won't allow scaling out. D= Not ideal, but will do the job for a standalone account.
upvoted 3 times
...
firstabed
2 years ago
D D D
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel