AWS Certified Solutions Architect – Professional — Question 981

A company has an organization in AWS Organizations. The organization consists of a large number of AWS accounts that belong to separate business units. The company requires all Amazon EC2 instances to be provisioned with custom, hardened AMIs. The company wants a solution that provides each AWS account access to the AMIs.
Which solution will meet these requirements with the MOST operational efficiency?

Answer options

• A. Create the AMIs with EC2 Image Builder. Create an AWS CodePipeline pipeline to share the AMIs across all AWS accounts.
• B. Deploy Jenkins on an EC2 instance. Create jobs to create and share the AMIs across all AWS accounts.
• C. Create and share the AMIs with EC2 Image Builder. Use AWS Service Catalog to configure a product that provides access to the AMIs across all AWS accounts.
• D. Create the AMIs with EC2 Image Builder. Create an AWS Lambda function to share the AMIs across all AWS accounts.

Correct answer: C

Explanation

EC2 Image Builder simplifies the creation, maintenance, and sharing of secure, hardened AMIs across AWS accounts. Combining EC2 Image Builder with AWS Service Catalog provides a highly efficient, governance-focused mechanism to distribute these AMIs as standardized products throughout AWS Organizations. Other methods involving custom Lambda functions, CodePipeline, or self-managed Jenkins instances introduce unnecessary operational overhead and code maintenance.