How can the Security Engineer provide the Developer with Amazon S3 access without affecting other accounts?

Posted by: Pdfprep Category: SCS-C01 Tags: AWS Certified Specialty, SCS-C01 exam questions, SCS-C01 practice exam Post Date: January 29, 2021

A Developer signed in to a new account within an AWS Organizations organizations unit (OU) containing multiple accounts.

Access to the Amazon S3 service is restricted with the following SCP:

How can the Security Engineer provide the Developer with Amazon S3 access without affecting other accounts?
A . Move the SCP to the root OU of Organizations to remove the restriction to access Amazon S3.
B . Add an IAM policy for the Developer, which grants S3 access.
C . Create a new OU without applying the SCP restricting S3 access. Move the Developer account to this new O
E . Add an allow list for the Developer account for the S3 service.

Answer: B

How can the Security Engineer provide the Developer with Amazon S3 access without affecting other accounts?

Author

Leave a Reply Cancel reply