Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SAP-C02 Topic 8 Question 34 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 34
Topic #: 8
[All SAP-C02 Questions]

A company has multiple lines of business (LOBs) that toll up to the parent company. The company has asked its solutions architect to develop a solution with the following requirements

* Produce a single AWS invoice for all of the AWS accounts used by its LOBs.

* The costs for each LOB account should be broken out on the invoice

* Provide the ability to restrict services and features in the LOB accounts, as defined by the company's governance policy

* Each LOB account should be delegated full administrator permissions regardless of the governance policy

Which combination of steps should the solutions architect take to meet these requirements'? (Select TWO.)

Show Suggested Answer Hide Answer
Suggested Answer: B, E

Create AWS Organization:

In the AWS Management Console, navigate to AWS Organizations and create a new organization in the parent account.

Invite LOB Accounts:

Invite each Line of Business (LOB) account to join the organization. This allows centralized management and governance of all accounts.

Enable Consolidated Billing:

Enable consolidated billing in the billing console of the parent account. Link all LOB accounts to ensure a single consolidated invoice that breaks down costs per account.

Apply Service Control Policies (SCPs):

Implement Service Control Policies (SCPs) to define the services and features permitted for each LOB account as per the governance policy, while still delegating full administrative permissions to the LOB accounts.

By consolidating billing and using AWS Organizations, the company can achieve centralized billing and governance while maintaining independent administrative control for each LOB account


Contribute your Thoughts:

Jordan
4 months ago
Hmm, I'm not sure about B. Shouldn't we be able to restrict services and features per LOB account? Maybe a combination of B and C would work better.
upvoted 0 times
Alberto
4 months ago
D) Create an SCP that allows only approved services and features then apply the policy to the LOB accounts
upvoted 0 times
...
Gerald
4 months ago
B) Use AWS Organizations to create a single organization in the parent account Then, invite each LOB's AWS account to join the organization.
upvoted 0 times
...
Helene
4 months ago
C) Implement service quotas to define the services and features that are permitted and apply the quotas to each LOB, as appropriate
upvoted 0 times
...
Marsha
4 months ago
A) Use AWS Organizations to create an organization in the parent account for each LOB Then invite each LOB account to the appropriate organization
upvoted 0 times
...
...
Jordan
5 months ago
That's a good point, we can use service quotas in combination with AWS Organizations to meet all the requirements.
upvoted 0 times
...
Evangelina
5 months ago
But shouldn't we also implement service quotas to restrict certain services for each LOB?
upvoted 0 times
...
Maynard
5 months ago
I agree, that way we can easily manage the accounts and control the permissions.
upvoted 0 times
...
Margery
5 months ago
D looks tempting, but I'm not sure that giving each LOB full admin permissions aligns with the governance policy requirements. B is probably the safer choice.
upvoted 0 times
Josphine
4 months ago
That's a good point. B seems like the better option to ensure we meet all the requirements.
upvoted 0 times
...
Shelia
4 months ago
True, but D might not align with the governance policy requirements if it gives full admin permissions to each LOB account.
upvoted 0 times
...
Meaghan
4 months ago
But D could also work if we create a policy that only allows approved services and features in the LOB accounts.
upvoted 0 times
...
Joni
5 months ago
I think B is the safer choice as it allows us to invite each LOB's AWS account to join a single organization in the parent account.
upvoted 0 times
...
...
Lashandra
5 months ago
I agree, B is the way to go. Consolidated billing is key here, and having a single organization makes that easier to manage.
upvoted 0 times
...
Temeka
5 months ago
Option B seems like the most straightforward way to handle the requirements. Creating a single organization and adding the LOB accounts seems simpler than creating multiple organizations.
upvoted 0 times
Dierdre
4 months ago
Yes, creating a single organization and inviting the LOB accounts would simplify the process.
upvoted 0 times
...
Dalene
5 months ago
I agree, Option B does seem like the most straightforward approach.
upvoted 0 times
...
...
Jordan
5 months ago
I think we should use AWS Organizations to create an organization for each LOB.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77