U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon PAS-C01 Exam - Topic 4 Question 72 Discussion

A company is starting a new project to implement an SAP landscape with multiple accounts that belong to multiple teams in the us-east-2 Region. These teams include procurement finance sales and human resources An SAP solutions architect has started designing this new landscape and the AWS account structuresThe company wants to use automation as much as possible The company also wants to secure the environment implement federated access to accounts centralize logging and establish cross-account security audits in addition the company's management team needs to receive a top-level summary of policies that are applied to the AWS accounts.What should the SAP solutions architect do to meet these requirements?
D) Apply SCPs through AWS Control Tower Use the AWS Control Tower integrated dashboard to check the applied policies in the accounts
A) Use AWS CloudFormation StackSets to apply SCPs to multiple accounts in multiple Regions. Use an Amazon CloudWatch dashboard to check the applied policies in the accounts
B) Use an AWS Elastic Beanstalk blue green deployment to create 1AM policies and apply them to multiple accounts together Use an Amazon CloudWatch dashboard to check the applied policies in the accounts
C) Implement guardrails by using AWS CodeDeploy and AWS CodePipeline to deploy SCPs into each account Use the CodePipeline deployment dashboard to check the applied policies in the accounts

Amazon PAS-C01 Exam - Topic 4 Question 72 Discussion

Actual exam question for Amazon's PAS-C01 exam
Question #: 72
Topic #: 4
[All PAS-C01 Questions]

A company is starting a new project to implement an SAP landscape with multiple accounts that belong to multiple teams in the us-east-2 Region. These teams include procurement finance sales and human resources An SAP solutions architect has started designing this new landscape and the AWS account structures

The company wants to use automation as much as possible The company also wants to secure the environment implement federated access to accounts centralize logging and establish cross-account security audits in addition the company's management team needs to receive a top-level summary of policies that are applied to the AWS accounts.

What should the SAP solutions architect do to meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Control Tower is a service that automates the set up of a secure, compliant, multi-account AWS environment. It helps to establish guardrails and automate the deployment of security policies to multiple accounts in a centralized and consistent manner. By using AWS Control Tower, the SAP solutions architect can establish guardrails across all accounts, set up federated access, centralize logging, and establish cross-account security audits. The integrated dashboard in AWS Control Tower allows the management team to receive a top-level summary of policies that are applied to the AWS accounts. This will help the company to meet their requirements of using automation as much as possible, securing the environment and implementing federated access to accounts, centralizing logging and establishing cross-account security audits.


Contribute your Thoughts:

0/2000 characters
Ngoc
1 month ago
I remember studying about AWS Control Tower and how it helps in managing multiple accounts. It seems like a good fit for applying SCPs across accounts.
upvoted 0 times
...

Save Cancel