Consider a scenario where you need to deploy AWS Control Tower in an existing AWS environment that includes multiple accounts and resources. What steps would you take to ensure a successful deployment, including which services might need to be deactivated or reconfigured?

Simulated

Deploy AWS Control Tower without any changes to existing services and accounts.

25.0%

Deactivate all existing IAM roles and policies before deploying AWS Control Tower.

25.0%

Review and potentially decommission conflicting services or configurations that might interfere with AWS Control Tower's governance model, such as existing SCPs or IAM roles that conflict with Control Tower's guardrails.

50.0%

Deploy AWS Control Tower and then manually reconfigure all existing services to align with Control Tower's settings.

0.0%

AWS Certified Security - Specialty

Get started today

Comments

Consider a scenario where you need to deploy AWS Control Tower in an existing AWS environment that includes multiple accounts and resources. What steps would you take to ensure a successful deployment, including which services might need to be deactivated or reconfigured?