A company uses an organization in AWS Organizations to manage its AWS accounts. The compa…

Question

A company uses an organization in AWS Organizations to manage its AWS accounts. The company's automation account contains a CI/CD pipeline that creates and configures new AWS accounts. The company has a group of internal service teams that provide services to accounts in the organization. The service teams operate out of a set of services accounts. The service teams want to receive an AWS CloudTrail event in their services accounts when the CreateAccount API call creates a new account. How should the company share this CloudTrail event with the service accounts?

Accepted Answer

Correct answer: A. A. Create an Amazon EventBridge rule in the automation account to send account creation events to the default event bus in the services accounts. Update the default event bus in the services accounts to allow events from the automation account. — The correct answer is A because it directly sets up an EventBridge rule in the automation account to send events to the service accounts' default event bus, ensuring proper permissions are in place. Options B and C involve unnecessary complexity by creating custom event buses instead of using the existing ones, while option D incorrectly suggests connecting a custom event bus to default buses without utilizing the straightforward method provided in option A.

AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 173

Answer options

Correct answer: A

Explanation