A company uses AWS Control Tower to manage its multi-account AWS environment. The company…

Question

A company uses AWS Control Tower to manage its multi-account AWS environment. The company has historically created AWS accounts by using AWS Control Tower through the AWS Management Console. The company wants to implement an automated solution that will create new AWS accounts by using AWS Control Tower Account Factory. A DevOps engineer is testing a new approach in which employees will upload a csv file into an Amazon S3 bucket. The .csv file will contain the information that is necessary to create a new AWS account. An AWS Lambda function will process event notifications from Amazon S3 when new files are created in the S3 bucket. The Lambda function will create the AWS account by using the AWS Service Catalog APIs. The DevOps engineer needs to implement a solution to publish a notification to an Amazon Simple Notification Service (Amazon SNS) topic when the account creation process ends successfully. What should the DevOps engineer do to automate the SNS notification?

Accepted Answer

Correct answer: D. D. Configure an Amazon EventBridge (Amazon CloudWatch Events) rule that reacts to the AWS Control Tower CreateManagedAccount event and publishes to the SNS topic. — The correct answer is D because configuring an Amazon EventBridge rule to react to the AWS Control Tower CreateManagedAccount event directly relates to the completion of the account creation process, thus ensuring the SNS notification is sent upon successful account creation. Options A and B are incorrect since they do not specifically focus on the account creation event, and option C is not applicable as it addresses a different event that does not indicate the completion of the account creation.

AWS Certified DevOps Engineer – Professional — Question 110

Answer options

Correct answer: D

Explanation