Amazon Web Services Related Exams
DOP-C02 Exam
A company is using AWS Organizations and wants to implement a governance strategy with the following requirements:
AWS resource access is restricted to the same two Regions for all accounts.
AWS services are limited to a specific group of authorized services for all accounts.
Authentication is provided by Active Directory .
Access permissions are organized by job function and are identical in each account.
Which solution will meet these requirements?
A company requires its internal business teams to launch resources through pre-approved AWS CloudFormation templates only. The security team requires automated monitoring when resources drift from their expected state.
Which strategy should be used to meet these requirements?
A company ' s application teams use AWS CodeCommit repositories for their applications. The application teams have repositories in multiple AWS
accounts. All accounts are in an organization in AWS Organizations.
Each application team uses AWS IAM Identity Center (AWS Single Sign-On) configured with an external IdP to assume a developer IAM role. The developer role allows the application teams to use Git to work with the code in the repositories.
A security audit reveals that the application teams can modify the main branch in any repository. A DevOps engineer must implement a solution that
allows the application teams to modify the main branch of only the repositories that they manage.
Which combination of steps will meet these requirements? (Select THREE.)