ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 986 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 986
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company uses AWS Organizations to manage multiple AWS accounts. The accounts share an Amazon Simple Queue Service (Amazon SQS) queue. The SQS queue is also shared with other AWS accounts outside the organization. All internal and external accounts have access to send and receive messages according to a permissions policy that is attached to the SQS queue. The company wants to identify any external principals that have access to the SQS queue.

How should a solutions architect meet this requirement?

  • A. Set up an AWS CloudTrail trail that logs data events. Use CloudTrail logs to track Amazon SQS API activities by any external principals.
  • B. Use an AWS Identity and Access Management Access Analyzer to create an analyzer with the current organization as a zone of trust. Filter by external findings on the SQS queue.
  • C. Set up an AWS CloudTrail trail that logs management events. Use CloudTrail logs to track Amazon SQS API activities by any external principals.
  • D. Use AWS Identity and Access Management Access Analyzer to create an analyzer with the current account as a zone of trust. Filter by external findings on the SQS queue.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by due at Dec. 16, 2022, 6:07 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SkyZeroZx
1 year, 10 months ago
Selected Answer: B
identify any external principals that have access to the SQS queue + AWS Organizations to manage multiple AWS accounts. = Access Analyzer + organization as a zone of trust.
upvoted 1 times
...
zozza2023
2 years, 3 months ago
Selected Answer: B
should be B
upvoted 1 times
...
ggrodskiy
2 years, 3 months ago
Correct B for me. https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html
upvoted 2 times
...
syaldram
2 years, 3 months ago
Selected Answer: B
I go with B
upvoted 1 times
...
due
2 years, 4 months ago
Selected Answer: B
identify any external principals that have access to the SQS queue + AWS Organizations to manage multiple AWS accounts. = Access Analyzer + organization as a zone of trust.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago