A company has multiple AWS accounts that are part of AWS Organizations. The company's Security team wants to ensure that even those Administrators with full access to the company's AWS accounts are unable to access the company's Amazon S3 buckets. How should this be accomplished?
A) Use SCPs.
B) Add a permissions boundary to deny access to Amazon S3 and attach it to all roles.
C) Use an S3 bucket policy.
D) Create a VPC endpoint for Amazon S3 and deny statements for access to Amazon S3.
Correct Answer:
Verified
Q173: A company has decided to use encryption
Q174: A security engineer is setting up a
Q175: A Security Engineer creates an Amazon S3
Q176: Authorized Administrators are unable to connect to
Q177: A company's Security Engineer is copying all
Q179: A company's Information Security team wants to
Q180: A company has hundreds of AWS accounts,
Q181: Which of the following are valid configurations
Q182: A company is setting up products to
Q183: A company's director of information security wants
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents