AWS Organizations

Question 1

What is AWS Organizations?

Answer 1

A mechanism to manage multiple AWS accounts at once.

Question 2

True or false: AWS Organizations allows you to centrally manage policies across all member accounts?

Answer 2

True.

Question 3

Can you control access across all AWS accounts using Organizations?

Answer 3

Yes.

Question 4

True or False: AWS is not yet capable of automating account creation across accounts?

Answer 4

False.

Question 5

Can AWS Organizations consolidate billing across member accounts?

Answer 5

Yes.

Question 6

What is the advantage of access control in AWS Organizations?

Answer 6

Allows you to createService Control Policies (SCP) that centrally control what services users have access to.

Question 7

What does SCP stand for in AWS Organizations?

Answer 7

Service Control Policies

Question 8

An IAM user in an AWS account has access to Kineses. At the same time, that account belongs to an AWS Organization that denies access to Kineses for that account. Will the user have access to Kineses?

Answer 8

No. Service Account Policies that deny access to services will override IAM permissions that allow them.

Question 9

How do you automate the creation of accounts and role assignment via Organization?

Answer 9

Through the AWS Organizations API

Question 10

True or false: AWS Organizations allows you to see account expenses. However, paying the bill is done at the account level.

Answer 10

False. Organizations allows for payment of all account bills through a single centralized payment method.