🔥 3-day streak
AWS Certified CloudOps Engineer - Associate127 / 159
Question 127 of 159
A company uses AWS Organizations with all features enabled. The security team requires that no IAM principal in any member account—including account root users and local administrators—can stop, delete, or disable the organization CloudTrail trail or its logging. Individual account teams still need full administrative access for all other services. Which approach enforces this requirement most effectively?
Reviewed for accuracy · Report an issueNext question