Posted by: Pdfprep
Post Date: January 29, 2021
A Developer signed in to a new account within an AWS Organizations organizations unit (OU) containing multiple accounts.
Access to the Amazon S3 service is restricted with the following SCP:
How can the Security Engineer provide the Developer with Amazon S3 access without affecting other accounts?
A . Move the SCP to the root OU of Organizations to remove the restriction to access Amazon S3.
B . Add an IAM policy for the Developer, which grants S3 access.
C . Create a new OU without applying the SCP restricting S3 access. Move the Developer account to this new O
E . Add an allow list for the Developer account for the S3 service.
Answer: B
Leave a Reply