Organisations

Question 1

What do organisations do?

Answer 1

Help you manage multiple accounts

Question 2

Why might you want multiple AWS accounts?

Answer 2

Cost optimisation
Billing
Security
Governance
Management of workloads
Resource grouping

Question 3

What are the components of an organisation?

Answer 3

Organisation
root
organizational units
Accounts
SCP

Question 4

What is the root in an AWS organisation?

Answer 4

It sits below the organisation, and contains all accounts.

Question 5

What is an Organisational Unit in Organisations?

Answer 5

Allow you to group accounts in your AWS organisation.

Question 6

How many times can an organisation unit be nested?

Answer 6

5

Question 7

What does SCP mean?

Answer 7

Service Control Policy

Question 8

SCPs are enabled by default?

Answer 8

False

Question 9

True or false. An SCP does not grant access. But adds a guard rail to define what is allowed?

Answer 9

True

Question 10

How many digits in an AWS account number?

Answer 10

12

Question 11

True or false. It’s best practise to only use your AWS master account, for organisational management only.

Answer 11

True.

Question 12

True or false. You have an SCP configured, so you don’t need to configure identity or resource policies in your account?

Answer 12

False.

Question 13

You have an IAM policy allowing full access to a resource. However you also have an SCP which denies access to S3. What will the outcome be?

Answer 13

Access will be denied.

Question 14

Are master accounts effected by SCPs?

Answer 14

No.

Question 15

Service linked roles and cloud front keys fall under the remit of SCPs?

Answer 15

False