Answer-first summary for fast verification
Answer: Configure a delegated administrator account for AWS Config. Enable trusted access for AWS Config in the organization., Create an AWS Config organization aggregator in the delegated administrator account. Configure data collection from all AWS accounts in the organization and from all AWS Regions.
The correct answers are A and E. Option A involves configuring a delegated administrator account for AWS Config and enabling trusted access. Enabling trusted access is crucial because it allows AWS Config to integrate with other AWS Organizations services, simplifying central management. Option E describes creating an AWS Config organization aggregator in the delegated administrator account, which allows for data collection from all AWS accounts and regions. This matches the requirement to centrally configure AWS Config and record resource changes in a central account.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company manages multiple AWS accounts within an AWS Organizations setup. Currently, AWS Config is manually set up in each account, but the company requires a centralized solution to configure AWS Config across all accounts and to record resource changes in a central account. What actions should a DevOps engineer take to achieve this centralized configuration and data recording? (Choose two.)
A
Configure a delegated administrator account for AWS Config. Enable trusted access for AWS Config in the organization.
B
Configure a delegated administrator account for AWS Config. Create a service-linked role for AWS Config in the organization’s management account.
C
Create an AWS CloudFormation template to create an AWS Config aggregator. Configure a CloudFormation stack set to deploy the template to all accounts in the organization.
D
Create an AWS Config organization aggregator in the organization's management account. Configure data collection from all AWS accounts in the organization and from all AWS Regions.
E
Create an AWS Config organization aggregator in the delegated administrator account. Configure data collection from all AWS accounts in the organization and from all AWS Regions.