Practice free →
HomeAWS Solutions Architect Professionalcloudcomputingsapcomplexity › An enterprise wants to enforce 'no resources in …

An enterprise wants to enforce 'no resources in eu-central-1' and 'no IAM users with admin policy' across every account under an OU. Which AWS feature applies these guardrails?

ACloudTrail-only auditing without prevention
BPer-account IAM policies copied manually
CAsking developers nicely
DService Control Policies (SCPs) in AWS Organizations
Answer & Solution
Correct answer: D. Service Control Policies (SCPs) in AWS Organizations
SCPs at OU/account scope are preventive guardrails in Organizations. Per-account IAM policies don't enforce org-wide; CloudTrail is reactive; trust is not a control.
Solve this in the app — AWS Solutions Architect Professional practice & 24k+ MCQs →
Related questions