AWS Certified Cloud Practitioner — Question 814
A company wants to automatically set up and govern a multi-account AWS environment.
Which AWS service provides this functionality?
Answer options
- A. AWS IAM Identity Center (AWS Single Sign-On)
- B. AWS Systems Manager
- C. AWS Config
- D. AWS Control Tower
Correct answer: D
Explanation
AWS Control Tower is specifically designed to automate the setup and governance of a secure, multi-account AWS environment based on best practices. While AWS Config tracks resource configurations and AWS Systems Manager handles operational management, only AWS Control Tower provides the automated multi-account orchestration and governance framework.