What is the MOST operationally efficient solution that will prevent developers from launching Amazon EC2 instances in other Regions?

SCS-C02 V2 0 Comments

A company wants to ensure that its IAM resources can be launched only in the us-east-1 and us-west-2 Regions.

What is the MOST operationally efficient solution that will prevent developers from launching Amazon EC2 instances in other Regions?
A . Enable Amazon GuardDuty in all Regions. Create alerts to detect unauthorized activity outside us-east-1 and us-west-2.
B . Use an organization in IAM Organizations. Attach an SCP that allows all actions when the IAM: Requested Region condition key is either us-east-1 or us-west-2. Delete the FullIAMAccess policy.
C . Provision EC2 resources by using IAM Cloud Formation templates through IAM CodePipeline. Allow only the values of us-east-1 and us-west-2 in the IAM CloudFormation template’s parameters.
D . Create an IAM Config rule to prevent unauthorized activity outside us-east-1 and us-west-2.

Answer: B

Latest SCS-C02 Dumps Valid Version with 235 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SCS-C02 PDF     SCS-C02 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments