ExpertHard1 markMultiple Choice
AWS SAP-C02 · Question 33 · Domain 1.4: Multi-Account Environment
An architect is designing a multi-account strategy using AWS Control Tower. They need to provision new accounts automatically, ensure specific baseline VPCs are deployed in every new account, and integrate with their third-party identity provider (IdP). Which THREE AWS services or features will be utilized? (Select THREE)
An architect is designing a multi-account strategy using AWS Control Tower. They need to provision new accounts automatically, ensure specific baseline VPCs are deployed in every new account, and integrate with their third-party identity provider (IdP). Which THREE AWS services or features will be utilized? (Select THREE)
Answer options:
A.
AWS Service Catalog
B.
AWS Directory Service
C.
AWS OpsWorks
D.
AWS CloudFormation StackSets
E.
AWS IAM Identity Center
F.
Amazon Cognito
G.
AWS Systems Manager State Manager
How to approach this question
Identify the underlying services that power AWS Control Tower.
Full Answer
AWS Control Tower relies on Service Catalog for account vending, CloudFormation StackSets for deploying baseline infrastructure across accounts, and IAM Identity Center for SSO and IdP integration.
Common mistakes
Confusing Cognito (customer identity) with IAM Identity Center (workforce identity).
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 2
75 questions · hints · full answers · grading
More questions from this exam
Q01A company is setting up a multi-account AWS environment using AWS Organizations. They need to ens...EasyQ02An enterprise needs to connect its on-premises data center to AWS. They require a dedicated, priv...EasyQ03A company wants to share a single AWS Transit Gateway across multiple AWS accounts within their A...EasyQ04An architect needs to design a highly available database architecture that spans multiple AWS Reg...EasyQ05A global financial institution is migrating its core banking application to AWS. The application ...Medium