Prev Question
Next Question

A customer needs corporate IT governance and cost oversight of all AWS resources consumed by its divisions.
The divisions want to maintain administrative control of the discrete AWS resources they consume and keep
those resources separate from the resources of other divisions. Which of the following options, when used
together will support the autonomy/control of divisions while enabling corporate IT to maintain governance and
cost oversight? Choose 2 answers.

A.
Use AWS Consolidated Billing and disable AWS root account access for the child accounts.

B.
Enable IAM cross-account access for all corporate IT administrators in each child account.

C.
Create separate VPCs for each division within the corporate IT AWS account.

D.
Use AWS Consolidated Billing to link the divisions’ accounts to a parent corporate account.

E.
Write all child AWS CloudTrail and Amazon CloudWatch logs to each child account’s Amazon S3 ‘Log’
bucket.

Explanation:
http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html http://
docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *