Amazon Exam SAP-C02 Topic 8 Question 34 Discussion

Actual exam question for Amazon's SAP-C02 exam

Question #: 34
Topic #: 8

A company has multiple lines of business (LOBs) that toll up to the parent company. The company has asked its solutions architect to develop a solution with the following requirements

* Produce a single AWS invoice for all of the AWS accounts used by its LOBs.

* The costs for each LOB account should be broken out on the invoice

* Provide the ability to restrict services and features in the LOB accounts, as defined by the company's governance policy

* Each LOB account should be delegated full administrator permissions regardless of the governance policy

Which combination of steps should the solutions architect take to meet these requirements'? (Select TWO.)

AUse AWS Organizations to create an organization in the parent account for each LOB Then invite each LOB account to the appropriate organization

BUse AWS Organizations to create a single organization in the parent account Then, invite each LOB's AWS account lo join the organization.

CImplement service quotas to define the services and features that are permitted and apply the quotas to each LOB. as appropriate

DCreate an SCP that allows only approved services and features then apply the policy to the LOB accounts

EEnable consolidated billing in the parent account's billing console and link the LOB accounts

Show Suggested Answer

Suggested Answer: B, E

Create AWS Organization:

In the AWS Management Console, navigate to AWS Organizations and create a new organization in the parent account.

Invite LOB Accounts:

Invite each Line of Business (LOB) account to join the organization. This allows centralized management and governance of all accounts.

Enable Consolidated Billing:

Enable consolidated billing in the billing console of the parent account. Link all LOB accounts to ensure a single consolidated invoice that breaks down costs per account.

Apply Service Control Policies (SCPs):

Implement Service Control Policies (SCPs) to define the services and features permitted for each LOB account as per the governance policy, while still delegating full administrative permissions to the LOB accounts.

By consolidating billing and using AWS Organizations, the company can achieve centralized billing and governance while maintaining independent administrative control for each LOB account

by Devorah at Jun 29, 2024, 06:22 PM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jordan

10 months ago

Hmm, I'm not sure about B. Shouldn't we be able to restrict services and features per LOB account? Maybe a combination of B and C would work better.

upvoted 0 times

Alberto

9 months ago

D) Create an SCP that allows only approved services and features then apply the policy to the LOB accounts

upvoted 0 times

...

Gerald

10 months ago

B) Use AWS Organizations to create a single organization in the parent account Then, invite each LOB's AWS account to join the organization.

upvoted 0 times

...

Helene

10 months ago

C) Implement service quotas to define the services and features that are permitted and apply the quotas to each LOB, as appropriate

upvoted 0 times

...

Marsha

10 months ago

A) Use AWS Organizations to create an organization in the parent account for each LOB Then invite each LOB account to the appropriate organization

upvoted 0 times

...

Jordan

11 months ago

That's a good point, we can use service quotas in combination with AWS Organizations to meet all the requirements.

upvoted 0 times

...

Evangelina

11 months ago

But shouldn't we also implement service quotas to restrict certain services for each LOB?

upvoted 0 times

...

Maynard

11 months ago

I agree, that way we can easily manage the accounts and control the permissions.

upvoted 0 times

...

Margery

11 months ago

D looks tempting, but I'm not sure that giving each LOB full admin permissions aligns with the governance policy requirements. B is probably the safer choice.

upvoted 0 times

Josphine

10 months ago

That's a good point. B seems like the better option to ensure we meet all the requirements.

upvoted 0 times

...

Shelia

10 months ago

True, but D might not align with the governance policy requirements if it gives full admin permissions to each LOB account.

upvoted 0 times

...

Meaghan

10 months ago

But D could also work if we create a policy that only allows approved services and features in the LOB accounts.

upvoted 0 times

...

Joni

11 months ago

I think B is the safer choice as it allows us to invite each LOB's AWS account to join a single organization in the parent account.

upvoted 0 times

...

Lashandra

11 months ago

I agree, B is the way to go. Consolidated billing is key here, and having a single organization makes that easier to manage.

upvoted 0 times

...

Temeka

11 months ago

Option B seems like the most straightforward way to handle the requirements. Creating a single organization and adding the LOB accounts seems simpler than creating multiple organizations.

upvoted 0 times

Dierdre

10 months ago

Yes, creating a single organization and inviting the LOB accounts would simplify the process.

upvoted 0 times

...

Dalene

10 months ago

I agree, Option B does seem like the most straightforward approach.

upvoted 0 times

...

Jordan

11 months ago

I think we should use AWS Organizations to create an organization for each LOB.

upvoted 0 times

...