Domain 1.4: Multi-Account Environment — AWS SAP-C02 Practice Question 27

How to approach this question

Look for the native extensibility feature of Control Tower.

Full Answer

B.Use Control Tower Account Factory Customization (AFC) or lifecycle events to trigger an AWS Step Functions workflow that deploys the agent via Systems Manager.✓ Correct

Use Control Tower Account Factory Customization (AFC) or lifecycle events to trigger an AWS Step Functions workflow that deploys the agent via Systems Manager.

Control Tower emits lifecycle events to EventBridge, which can trigger automated workflows to customize new accounts.

Common mistakes

Thinking SCPs can perform actions like installing software.

An enterprise uses AWS Control Tower. They need to customize the account vending process to automatically deploy a specific third-party security agent on all EC2 instances created in new accounts. What is the BEST approach?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 3

More questions from this exam