AWS Organizations Flashcards

1
Q

AWS Organizations’ best feature is ___________ ________

A
  • AWS Organizations’ best feature is Consolidated Billing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

AWS Organizations Policies are applied to _____ accounts or __________ ____

A

AWS Organizations Policies are applied to root accounts or Organizational Units (OUs)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

With consolidated Billing, _______ reserved EC2 instances are applied across the _____

A

With consolidated Billing, unused reserved EC2 instances are applied across the group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Service Control Policies manage the maximum available __________

A

Service Control Policies manage the maximum available permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SCPs must have all features in Organization _____

A

SCPs must have all features in Organization enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SCPs can be assigned at different _____ in the _________

A

SCPs can be assigned at different points in the hierarchy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

SCPs only affect IAM _____ and _____ but do not affect _________ policies

A

SCPs only affect IAM users and roles but do not affect resources policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

SCPs affect the ____ account and ______ accounts but do not affect any action performed by the _________ account

A

SCPs affect the root account and member accounts but do not affect any action performed by the management account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SCPs Allow list strategy:

  • No APIs are permitted anywhere unless you __________ _____ them
A
  • No APIs are permitted anywhere unless you explicitly allow them
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Accounts can be migrated between organizations. To do this, you must have ____ or IAM permissions to both the member and _________ accounts

A

To do this, you must have root or IAM permissions to both the member and management accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

If you’re just migrating a few accounts, you can use the AWS Organizations console. But if there are many accounts to migrate use the AWS ____________ API or AWS ____

A

If you’re just migrating a few accounts, you can use the AWS Organizations console. But if there are many accounts to migrate use the AWS Organizations API or AWS CLI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Consolidated Billing can help with cost control through volume discounts, but the number of accounts you can link is limited to

A

20 linked accounts for consolidated billing (default)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A benefit of Consolidated Billing is a combined view of ______ incurred by all your _______

A

A benefit of Consolidated Billing is a combined view of charges incurred by all your accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

With Consolidated Billing Paying accounts should be used for _______ purposes ____

A

With Consolidated Billing Paying accounts should be used for billing purposes only

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the only way to restrict what the root account can do?

A

Service Control Policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How can you use AWS Organizations to Centralize all your CloudTrail Logs?

A

CloudTrail allows you to log everything into a Single AWS account.

17
Q

AWS Organization allows you to ______ workloads into separate accounts, which is a great way to add more layers of _______ and control.

A

AWS Organization allows you to isolate workloads into separate accounts which is a great way to add more layers of security and controls.

18
Q

AWS Config is great for setting standardization across ___ ____ ______

A

AWS Config is great for setting standardization across all your account.

19
Q

AWS Config will also check for compliance and automatically ________ problems using _________ documents.

A

AWS Config will also check for compliance and automatically remediate problems using automation documents.

20
Q

Which AWS feature will provide you with a history of all changes to your architecture.

A

AWS Config

21
Q

If AD is staying on-premises should you use AWS Managed Microsoft AD vs. AD Connector?

A

AD connector

22
Q

Trusted Advisor is free to use but you’ll need a _________ or _________ _________ plan to get the most useful checks it offers.

A

Trusted Advisor is free to use but you’ll need a Business or Enterprise Support plan to get the most useful checks it offers.

23
Q

Keep in mind that Trusted Advisor is only an ________ ____ it will not _____ the problem for you.

A

Keep in mind that Trusted Advisor is only an auditing tool it will not solve the problem for you.

24
Q

To solve a problem, Trusted Advisor has found use _________ to kick off a ______ ________ .

A

To solve a problem, Trusted Advisor has found use Eventbridge to kick off a Lambda function

25
Q

AWS Config will send you a notification in regards to a resource if what three scenarios?

A

AWS Config will send you a notification if a resource is created, deleted, or modified

26
Q

AWS Config allows you to see __________ between your _________ resources

A

AWS Config allows you to see relationships between your different resources

27
Q

AWS OpsWorks is a configuration management service that provides managed instances of ____ and _______

A

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet

28
Q

AWS Resource Access Manager (RAM) allows you to share resources across: (3)

AWS ________

AWS _____________ or OUs

IAM ____ and IAM users

A

AWS Resource Access Manager (RAM) allows you to share resources across:

AWS Accounts

AWS Organizations or OUs

IAM roles and IAM users

29
Q

AWS Resource Access Manager (RAM) can be used to share which three resources?

A

VPC

EC2

Route 53

30
Q

If moving everything to the cloud which service should you use AWS Managed Microsoft AD vs. AD Connector?

A

If moving everything to the cloud use Managed Microsoft AD

31
Q

Chef and Puppet are automation platforms that allow you to use code to ________ the configurations of your _______.

A

Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers.

32
Q

AWS ___________ is a configuration management service that provides managed instances of Chef and Puppet.

A

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

33
Q

OpsWorks lets you use Chef and Puppet to automate how servers are _________, ________, and _______ across your Amazon EC2 instances or on-premises

A

OpsWorks lets you use Chef and Puppet to automate how servers are configured, managed, and deployed across your Amazon EC2 instances or on-premises