Amazon DOP-C02 Exam - Topic 1 Question 58 Discussion

Actual exam question for Amazon's DOP-C02 exam
Question #: 58
Topic #: 1

A company has multiple member accounts that are part of an organization in AWS Organizations. The security team needs to review every Amazon EC2 security group and their inbound and outbound rules. The security team wants to programmatically retrieve this information from the member accounts using an AWS Lambda function in the management account of the organization.

Which combination of access changes will meet these requirements? (Choose three.)

Suggested Answer: B, C, E

https://aws.amazon.com/premiumsupport/knowledge-center/lambda-function-assume-iam-role/
https://kreuzwerker.de/post/aws-multi-account-setups-reloaded
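One way the Lambda function in the question could collect the rules, as an added example that is not from the original page: list the organization's accounts, assume a role in each member account through STS, and call EC2 `DescribeSecurityGroups` with the temporary credentials. The role name `SecurityAuditRole`, the function names, the report layout and the one-region-per-invocation scope are assumptions.

```python
"""Added example: collect security group rules from every member account."""
ROLE_NAME = "SecurityAuditRole"  # assumed name; the role must exist in each member account


def member_account_ids(org, skip):
    """IDs of ACTIVE accounts in the organization, excluding `skip` (the caller's own)."""
    ids = []
    for page in org.get_paginator("list_accounts").paginate():
        ids += [a["Id"] for a in page["Accounts"]
                if a["Status"] == "ACTIVE" and a["Id"] != skip]
    return ids


def security_groups_for(account_id, sts, ec2_factory, region):
    """Assume ROLE_NAME in one member account and list its groups in `region`."""
    creds = sts.assume_role(
        RoleArn=f"arn:aws:iam::{account_id}:role/{ROLE_NAME}",
        RoleSessionName="sg-review",
    )["Credentials"]
    ec2 = ec2_factory(
        region_name=region,
        aws_access_key_id=creds["AccessKeyId"],
        aws_secret_access_key=creds["SecretAccessKey"],
        aws_session_token=creds["SessionToken"],
    )
    rows = []
    for page in ec2.get_paginator("describe_security_groups").paginate():
        for sg in page["SecurityGroups"]:
            rows.append({"AccountId": account_id, "GroupId": sg["GroupId"],
                         "Inbound": sg["IpPermissions"],
                         "Outbound": sg["IpPermissionsEgress"]})
    return rows


def lambda_handler(event, context):
    import boto3  # imported lazily so the helpers above can be tested without AWS
    org, sts = boto3.client("organizations"), boto3.client("sts")
    own = sts.get_caller_identity()["Account"]
    region = event.get("region", "us-east-1")  # one region per invocation
    report = {"groups": [], "failed": {}}
    for account_id in member_account_ids(org, skip=own):
        try:
            report["groups"] += security_groups_for(
                account_id, sts, lambda **kw: boto3.client("ec2", **kw), region)
        except sts.exceptions.ClientError as err:  # e.g. role missing or trust denied
            report["failed"][account_id] = err.response["Error"]["Code"]
    return report
```

For this to run, the Lambda execution role needs `organizations:ListAccounts` and `sts:AssumeRole` on the member roles, and each member role needs a trust policy naming the management account plus `ec2:DescribeSecurityGroups`. Accounts where the assume-role call fails are reported under `failed` instead of aborting the run.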


Contribute your Thoughts:

Tricia
4 days ago
The correct answer is to use the AWS Organizations API, the AWS Security Group API, and the AWS Lambda function in the management account. Anything less would be a security nightmare.
upvoted 0 times
...
Elbert
10 days ago
Haha, good one Mike! Yeah, manually reviewing security groups in dozens or hundreds of accounts sounds like a real blast. I'll take the programmatic approach, thanks.
upvoted 0 times
...
Rasheeda
15 days ago
Wouldn't it be easier to just manually review the security groups in each account? I mean, how many accounts can there be, really?
upvoted 0 times
...
Bettina
20 days ago
I think the key is to use the management account to access the member accounts and retrieve the security group information. The Lambda function in the management account should be able to do this.
upvoted 0 times
...
Gilma
25 days ago
The correct answer is to use the AWS Organizations API to list the member accounts, then use the AWS Security Group API to retrieve the security group details from each member account.
upvoted 0 times
...
Pamella
1 month ago
I wonder if we also have to consider VPC permissions since we're dealing with EC2 security groups. That could be important too.
upvoted 0 times
...
Brynn
1 month ago
This seems similar to a practice question we did on IAM policies. We might need to attach specific policies to the Lambda function to allow it to describe security groups.
upvoted 0 times
...
Reena
2 months ago
I'm not entirely sure, but I remember something about needing to enable AWS Lambda permissions for EC2 actions.
upvoted 0 times
...
Twana
2 months ago
I think we need to set up cross-account IAM roles to allow the Lambda function in the management account to access the member accounts.
upvoted 0 times
...
Elmira
2 months ago
This seems straightforward enough. I'll focus on the access changes required to retrieve the security group details from the member accounts.
upvoted 0 times
...
Shaunna
2 months ago
No problem, I've done something similar before. I'll make sure to set up the right IAM roles and permissions to access the data I need.
upvoted 0 times
...
Farrah
3 months ago
I'm a bit confused about how to handle the security group information across multiple accounts. Guess I'll need to do some research on that.
upvoted 0 times
...
Ty
3 months ago
Okay, I think I have a plan. I'll need to set up the right permissions and access policies to pull the data from the member accounts.
upvoted 0 times
...
Estrella
3 months ago
Hmm, this seems like a tricky one. I'll need to think through the access requirements carefully.
upvoted 0 times
...
