AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 42

A company wants to use AWS CloudFormation for infrastructure deployment. The company has strict tagging and resource requirements and wants to limit the deployment to two Regions. Developers will need to deploy multiple versions of the same application.
Which solution ensures resources are deployed in accordance with company policy?

Answer options

• A. Create AWS Trusted Advisor checks to find and remediate unapproved CloudFormation StackSets.
• B. Create a Cloud Formation drift detection operation to find and remediate unapproved CloudFormation StackSets.
• C. Create CloudFormation StackSets with approved CloudFormation templates.
• D. Create AWS Service Catalog products with approved CloudFormation templates.

Correct answer: D

Explanation

The correct answer is D because AWS Service Catalog allows organizations to create and manage approved products (including CloudFormation templates), ensuring compliance with company policies. Options A and B do not directly ensure that resources are deployed according to policies; they focus on identifying or correcting existing issues rather than facilitating compliant deployments. Option C, while useful, does not provide the governance and control offered by AWS Service Catalog.