AWS Certified Solutions Architect - Professional
Get started today
Ultimate access to all questions.
A company is transitioning its infrastructure to AWS Cloud and must adhere to diverse regulatory standards across various projects. They require a multi-account setup. A solutions architect is tasked with establishing the foundational infrastructure. The solution should ensure uniform management and security baselines, yet accommodate varying compliance needs within multiple AWS accounts. Additionally, it must integrate with the existing on-premises Active Directory Federation Services (AD FS) server. What approach minimizes operational overhead while fulfilling these requirements?
A company is transitioning its infrastructure to AWS Cloud and must adhere to diverse regulatory standards across various projects. They require a multi-account setup. A solutions architect is tasked with establishing the foundational infrastructure. The solution should ensure uniform management and security baselines, yet accommodate varying compliance needs within multiple AWS accounts. Additionally, it must integrate with the existing on-premises Active Directory Federation Services (AD FS) server. What approach minimizes operational overhead while fulfilling these requirements?
Explanation:
The correct answer is B. AWS Control Tower dramatically reduces operational overhead by automating the creation of a well-architected, multi-account environment using best-practice blueprints. It also allows for flexibility with organizational units (OUs) and integrates seamlessly with AWS IAM Identity Center (AWS Single Sign-On), which is recommended for workforce authentication. By connecting AWS IAM Identity Center to the on-premises AD FS server, the company can maintain existing authentication processes without extensive manual setup. This solution ensures compliance, consistent security, and management across all account environments while minimizing operational complexity.