A company needs to adopt a multi-account strategy to deploy its applications and the asso…

Question

A company needs to adopt a multi-account strategy to deploy its applications and the associated CI/CD infrastructure. The company has created an organization in AWS Organizations that has all features enabled. The company has configured AWS Control Tower and has set up a landing zone. The company needs to use AWS Control Tower controls (guardrails) in all AWS accounts in the organization. The company must create the accounts for a multi-environment application and must ensure that all accounts are configured to an initial baseline. Which solution will meet these requirements with the LEAST operational overhead?

Accepted Answer

Correct answer: A. A. Create an AWS Control Tower Account Factory Customization (AFC) blueprint that uses the baseline configuration. Use AWS Control Tower Account Factory to provision a dedicated AWS account for each environment and a CI/CD account by using the blueprint. — The correct answer is A because using the AWS Control Tower Account Factory Customization (AFC) blueprint streamlines the process of setting up accounts with the necessary baseline configuration while ensuring compliance with AWS Control Tower controls. Other options, while valid, involve additional steps or tools that increase operational overhead, such as using AWS CloudFormation StackSets or implementing custom Lambda functions.

AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 218

Answer options

Correct answer: A

Explanation