Q: 17
A company has chosen AWS to host a new application. The company needs to implement a multi-
account strategy. A DevOps engineer creates a new AWS account and an organization in AWS
Organizations. The DevOps engineer also creates the OU structure for the organization and sets up a
landing zone by using AWS Control Tower.
The DevOps engineer must implement a solution that automatically deploys resources for new
accounts that users create through AWS Control Tower Account Factory. When a user creates a new
account, the solution must apply AWS CloudFormation templates and SCPs that are customized for
the OU or the account to automatically deploy all the resources that are attached to the account. All
the OUs are enrolled in AWS Control Tower.
Which solution will meet these requirements in the MOST automated way?
Options
Discussion
D vs B here. Pretty sure it's D because Customizations for AWS Control Tower is meant for automating these deployments automatically on new account creation, with CodeCommit making it seamless. Saw similar suggestion in the official guide and labs.
Be respectful. No spam.
