Which combination of steps will accomplish this?

Posted by: Pdfprep Category: DOP-C01 Tags: , ,

A DevOps Engineer must ensure all IAM entity configurations across multiple AWS accounts in AWS Organizations are compliant with corporate IAM policies.

Which combination of steps will accomplish this? (Choose two.)
A . Enable AWS Trusted Advisor in Organizations for all accounts to report on noncompliant IAM entities.
B . Configure an AWS Config aggregator in the Organizations master account for all accounts.
C . Deploy AWS Config rules to the master account in Organizations that match corporate IAM policies.
D . Apply an SCP in Organizations to ensure compliance of IAM entities.
E . Deploy AWS Config rules to all accounts in Organizations that match the corporate IAM policies.

Answer: DE

Explanation:

Reference:

https://aws.amazon.com/blogs/mt/manage-custom-aws-config-rules-with-remediations-using­conformance-packs/?nc1=b_rp

https://aws.amazon.com/blogs/security/announcing-aws-organizations-centrally-manage-multiple-aws­accounts/

Leave a Reply

Your email address will not be published.