AWS Certified SysOps Administrator – Associate (SOA-C03) — Question 62

A CloudOps engineer has successfully deployed a VPC with an AWS CloudFormation template The CloudOps engineer wants to deploy the same template across multiple accounts that are managed through AWS Organizations.
Which solution will meet this requirement with the LEAST operational overhead?

Answer options

• A. Assume the OrganizationAccountAccessRole IAM role from the management account. Deploy the template in each of the accounts.
• B. Create an AWS Lambda function to assume a role in each account. Deploy the template by using the AWS CloudFormation CreateStack API call.
• C. Create an AWS Lambda function to query for a list of accounts. Deploy the template by using the AWS CloudFormation CreateStack API call.
• D. Use AWS CloudFormation StackSets from the management account to deploy the template in each of the accounts.

Correct answer: D

Explanation

The correct answer is D because AWS CloudFormation StackSets allows for centralized management and deployment of CloudFormation templates across multiple accounts with minimal effort. Options A, B, and C involve more manual steps and operational overhead, such as assuming roles and executing deployments individually, which do not scale as efficiently as StackSets.