A company uses AWS Organizations. The network team wants to share a central Transit Gateway (TGW) with all AWS accounts in the organization. They want new accounts to automatically have access to the TGW without manual intervention. What is the MOST efficient solution?

Answer options:

Create a Lambda function triggered by account creation to share the TGW via RAM to the new account ID.

Use AWS Resource Access Manager (RAM) to share the TGW with the AWS Organizations ARN. Enable Organizations sharing in RAM.

Configure a Service Control Policy (SCP) to automatically attach new VPCs to the central TGW.

Share the TGW using a cross-account IAM role assumed by AWS CloudFormation StackSets.

How to approach this question

Identify the native AWS service for sharing resources across accounts.

B.Use AWS Resource Access Manager (RAM) to share the TGW with the AWS Organizations ARN. Enable Organizations sharing in RAM.✓ Correct

Use AWS Resource Access Manager (RAM) to share the TGW with the AWS Organizations ARN. Enable Organizations sharing in RAM.

AWS RAM allows you to share resources like TGWs with your entire Organization or specific OUs. New accounts automatically gain access.

Thinking custom automation is required for new accounts.

75 questions · hints · full answers · grading