A company manages a multi-account AWS environment within a single region using AWS Organizations. The management account is named management-01, and AWS Config is enabled across all accounts. The security-01 account is designated as the delegated administrator for AWS Config. Each account reports its compliance status to the security-01 account via an AWS Config aggregator. Account administrators can configure and manage their own AWS Config rules to meet unique compliance needs. A security engineer must implement a solution to automatically deploy a set of 10 AWS Config rules to all existing and future accounts in the organization, ensuring AWS Config is activated during account creation. Which two steps will fulfill these requirements?