New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SAP-C02 Exam - Topic 9 Question 36 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 36
Topic #: 9
[All SAP-C02 Questions]

A large mobile gaming company has successfully migrated all of its on-premises infrastructure to the AWS Cloud. A solutions architect is reviewing the environment to ensure that it was built according to the design and that it is running in alignment with the Well-Architected Framework.

While reviewing previous monthly costs in Cost Explorer, the solutions architect notices that the creation and subsequent termination of several large instance types account for a high proportion of the costs. The solutions architect finds out that the company's developers are launching new Amazon EC2 instances as part of their testing and that the developers are not using the appropriate instance types.

The solutions architect must implement a control mechanism to limit the instance types that only the developers can launch.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B, E

Create AWS Organization:

In the AWS Management Console, navigate to AWS Organizations and create a new organization in the parent account.

Invite LOB Accounts:

Invite each Line of Business (LOB) account to join the organization. This allows centralized management and governance of all accounts.

Enable Consolidated Billing:

Enable consolidated billing in the billing console of the parent account. Link all LOB accounts to ensure a single consolidated invoice that breaks down costs per account.

Apply Service Control Policies (SCPs):

Implement Service Control Policies (SCPs) to define the services and features permitted for each LOB account as per the governance policy, while still delegating full administrative permissions to the LOB accounts.

By consolidating billing and using AWS Organizations, the company can achieve centralized billing and governance while maintaining independent administrative control for each LOB account


by Frank at Jul 16, 2024, 03:05 AM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Pamella
2 months ago
Wait, they were launching large instances for testing? That's wild!
upvoted 0 times
...
Gladis
2 months ago
I think B is better, launch templates are easier for devs to use.
upvoted 0 times
...
Danilo
3 months ago
C seems too restrictive, developers need some flexibility.
upvoted 0 times
...
Tomas
3 months ago
D doesn't really address the instance type issue, right?
upvoted 0 times
...
Erick
3 months ago
Option A sounds solid, using AWS Config is a smart move.
upvoted 0 times
...
Kate
3 months ago
I don't think EC2 Image Builder is relevant to this scenario since it focuses more on image creation rather than instance type restrictions.
upvoted 0 times
...
Dominque
4 months ago
I practiced a similar question about IAM policies, and I feel like creating a policy to restrict instance types might be the right approach here.
upvoted 0 times
...
Melodie
4 months ago
I think using a launch template could work, but I’m not clear on how to assign it specifically to the developers' IAM accounts.
upvoted 0 times
...
Jessenia
4 months ago
I remember studying about AWS Config rules, but I'm not entirely sure if they can limit instance types directly.
upvoted 0 times
...
Ashanti
4 months ago
Option D with EC2 Image Builder seems interesting, but I'm not sure if that's the most direct way to solve this problem. I think I'll focus on the more straightforward solutions like the launch template or the AWS Config rule.
upvoted 0 times
...
Edna
4 months ago
I like the idea of using an IAM policy to restrict the instance types, as suggested in option C. That way, the developers won't be able to launch any instances outside of the approved list, regardless of the method they use.
upvoted 0 times
...
Ranee
4 months ago
Hmm, I'm a bit unsure about this one. The question mentions a "control mechanism," so I'm not sure if a launch template is the best solution. Maybe option A with the AWS Config rule would be a better fit to automatically enforce the allowed instance types.
upvoted 0 times
...
Tamra
5 months ago
This seems like a straightforward question about controlling EC2 instance types. I think I'll go with option B - creating a launch template and assigning it to the developers' IAM accounts. That way, they can only launch the approved instance types.
upvoted 0 times
...
Yun
5 months ago
I'm pretty confident that PolarDB-O, ADAM, and DTS are the correct answers here. Those solutions seem well-suited for an Oracle to Alibaba Cloud migration.
upvoted 0 times
...
Harrison
5 months ago
I feel pretty confident that the answer is B. Delivering a high-quality, cost-effective product or service that meets customer needs is the true measure of a program's success, not just managing the projects well.
upvoted 0 times
...
Macy
10 months ago
Whichever option we choose, I hope the developers don't start launching instances with their credit cards instead. That would be a whole new problem to deal with!
upvoted 0 times
Maybelle
8 months ago
A: That's a good point! We need to make sure they stick to the allowed instance types to avoid any unexpected costs.
upvoted 0 times
...
Danica
8 months ago
B: In the EC2 console, create a launch template that specifies the instance types that are allowed. Assign the launch template to the developers' IAM accounts.
upvoted 0 times
...
Claudio
9 months ago
A: Create a desired-instance-type managed rule in AWS Config. Configure the rule with the instance types that are allowed. Attach the rule to an event to run each time a new EC2 instance is launched.
upvoted 0 times
...
...
Brande
10 months ago
D seems like overkill for this scenario. Creating a custom image pipeline just to control instance types? I'd go with a more straightforward approach like C or B.
upvoted 0 times
Tegan
9 months ago
Creating a launch template in the EC2 console could also work well to limit the instance types.
upvoted 0 times
...
Gianna
10 months ago
Yeah, attaching the policy to an IAM group for the developers would make it easier to manage.
upvoted 0 times
...
Alona
10 months ago
I think creating a new IAM policy with the allowed instance types is a good idea.
upvoted 0 times
...
Reita
10 months ago
I agree, D does seem like overkill for this situation.
upvoted 0 times
...
...
Tonja
10 months ago
Option B looks good too. Using a launch template to restrict the instance types is a neat way to enforce the policy, and it's more user-friendly for the developers.
upvoted 0 times
...
Tamar
10 months ago
I'm not sure, but I think option B could also work by assigning launch templates to developers' IAM accounts.
upvoted 0 times
...
Denise
10 months ago
I think option C is the best solution. By creating a custom IAM policy, we can granularly control the instance types the developers can launch, without impacting the rest of the organization.
upvoted 0 times
Alex
10 months ago
I agree, creating a new IAM policy is a straightforward way to control the instance types for developers.
upvoted 0 times
...
Daniel
10 months ago
Option C is a good choice. It allows us to specify the instance types that developers can launch.
upvoted 0 times
...
...
Junita
10 months ago
I agree with Kanisha, creating a managed rule in AWS Config seems like the most efficient way to limit instance types.
upvoted 0 times
...
Kanisha
11 months ago
I think option A is the best solution.
upvoted 0 times
...

Save Cancel