Scenario: Your organization has multiple AWS accounts for different departments. How would you set up Cross-Account Access to allow a central security team to audit resources across all accounts?

  • Create IAM roles with appropriate permissions in each account and establish trust relationships with the central security account.
  • Enable AWS Organizations and configure cross-account access policies for the central security team.
  • Share root account credentials with the central security team for direct access to all accounts.
  • Use IAM users with cross-account access policies for each department to grant access to the central security team.
By creating IAM roles with the necessary permissions in each AWS account and establishing trust relationships with the central security account, you can enable the central security team to audit resources across all accounts securely.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *