A company uses AWS Organizations to manage its AWS accounts. The company has a root OU that has a child OU. The root OU has an SCP that allows all actions on all resources. The child OU has an SCP that allows all actions for Amazon DynamoDB and AWS Lambda, and denies all other actions.
The company has an AWS account that is named vendor-data in the child OU. A DevOps engineer has an IAM user that is attached to the Administrator Access IAM policy in the vendor-data account. The DevOps engineer attempts to launch an Amazon EC2 instance in the vendor-data account but receives an access denied error.
Which change should the DevOps engineer make to launch the EC2 instance in the vendor-data account?
c3518fc
1 week, 2 days agodkp
2 weeks, 6 days agoWhyIronMan
1 month agostoy123
1 month, 1 week agostoy123
1 month, 1 week agoDanShone
1 month, 2 weeks agothanhnv142
2 months, 3 weeks agostoy123
1 month, 1 week agoa54b16f
3 months, 3 weeks agod262e67
4 months agoPrasannaBalaji
4 months agocsG13
4 months ago