AWS Certified Solutions Architect – Professional SAP-C01 – Question675

A company has multiple lines of business (LOBs) that roll up to the parent company. The company has asked its solutions architect to develop a solution with the following requirements:

  • Produce a single AWS invoice for all of the AWS accounts used by its LOBs.
  • The costs for each LOB account should be broken out on the invoice.
  • Provide the ability to restrict services and features in the LOB accounts, as defined by the company’s governance policy.
  • Each LOB account should be delegated full administrator permissions, regardless of the governance policy.

Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)

A.
Use AWS Organizations to create an organization in the parent account for each LOB. Then, invite each LOB account to the appropriate organization.
B. Use AWS Organizations to create a single organization in the parent account. Then, invite each LOB’s AWS account to pin the organization.
C. Implement service quotas to define the services and features that are permitted and apply the quotas to each LOB as appropriate.
D. Create an SCP that allows only approved services and features, then apply the policy to the LOB accounts. Enable consolidated billing in the parent account’s billing console and link the LOB accounts.

Correct Answer: CD