Amazon Exam DOP-C01 Topic 17 Question 75 Discussion

Actual exam question for Amazon's DOP-C01 exam

Question #: 75
Topic #: 17

A company has multiple child accounts that are part of an organization in AWS Organizations. The security team needs to review every Amazon EC2 security group and their inbound and outbound rules. The security team wants to programmatically retrieve this information from the child accounts using an AWS Lambda function in the master account of the organization.

Which combination of access changes will meet these requirements? (Select THREE.)

ACreate a trust relationship that allows users in the child accounts to assume the master account IAM role.

BCreate a trust relationship that allows users in the master account to assume the IAM roles of the child accounts.

CCreate an IAM role in each child account that has access to the AmazonEC2ReadOnlyAccess managed policy.

DCreate an IAM role in each child account to allow the sts:AssumeRole action against the master account IAM role's ARN.

ECreate an IAM role in the master account that allows the sts:AssumeRole action against the child account IAM role's ARN.

FCreate an IAM role in the master account that has access to the AmazonEC2ReadOnlyAccess managed policy.

Show Suggested Answer

Suggested Answer: A, D, F

by Ceola at May 24, 2023, 07:16 PM

Limited Time Offer

25%

Off

Get Premium DOP-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!