A major organization is use AWS Organizations to manage its several AWS accounts. All users should have read-only access to a certain Amazon S3 bucket under a central account, per corporate policy. The data in the S3 buckets should not be accessible to anybody outside the corporation. Permissions must be configured and a bucket policy added to the S3 bucket by a SysOps administrator.

Which parameters should be supplied in order to execute this task in the MOST EFFECTIVE way possible?

A. Specify ג€*ג€ as the principal and PrincipalOrgId as a condition.
B. Specify all account numbers as the principal.
C. Specify PrincipalOrgId as the principal.
D. Specify the organization’s master account as the principal.

  Discussion forum


Leave an answer