A company has a project that is launching Amazon EC2 instances that are larger than required. The project’s account cannot be part of the company’s organization in AWS Organizations due to policy restrictions to keep this activity outside of corporate IT. The company wants to allow only the launch of t3.small EC2 instances by developers in the project’s account. These EC2 instances must be restricted to the us-east-2 Region. What should a solutions architect do to meet these requirements?

QuestionsCategory: SAP-C02A company has a project that is launching Amazon EC2 instances that are larger than required. The project’s account cannot be part of the company’s organization in AWS Organizations due to policy restrictions to keep this activity outside of corporate IT. The company wants to allow only the launch of t3.small EC2 instances by developers in the project’s account. These EC2 instances must be restricted to the us-east-2 Region. What should a solutions architect do to meet these requirements?
Admin Staff asked 10 months ago
A company has a project that is launching Amazon EC2 instances that are larger than required. The project's account cannot be part of the company's organization in AWS Organizations due to policy restrictions to keep this activity outside of corporate IT. The company wants to allow only the launch of t3.small EC2 instances by developers in the project's account. These EC2 instances must be restricted to the us-east-2 Region.
What should a solutions architect do to meet these requirements?

A. Create a new developer account. Move all EC2 instances, users, and assets into us-east-2. Add the account to the company's organization in AWS Organizations. Enforce a tagging policy that denotes Region a nity.

B. Create an SCP that denies the launch of all EC2 instances except t3.small EC2 instances in us-east-2. Attach the SCP to the project's account.

C. Create and purchase a t3.small EC2 Reserved Instance for each developer in us-east-2. Assign each developer a specific EC2 instance with their name as the tag.

D. Create an IAM policy than allows the launch of only t3.small EC2 instances in us-east-2. Attach the policy to the roles and groups that the developers use in the project's account.




 
Correct Answer: D

This question is in SAP-C02 exam
For getting AWS Certified Solutions Architect Professional Certificate


Next Post

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.