Answer-first summary for fast verification
Answer: AWS Organizations
## Explanation **AWS Organizations** is the correct answer because: - **Automated Account Creation**: AWS Organizations allows you to programmatically create new AWS accounts through APIs, enabling automation of account provisioning. - **Service Control Policies (SCPs)**: AWS Organizations provides SCPs that allow you to set centralized permissions across all accounts in your organization. You can use SCPs to prevent users from creating EC2 instances across all member accounts. - **Centralized Management**: Organizations provides a single place to manage multiple AWS accounts, including security policies, compliance requirements, and resource sharing. **Why the other options are incorrect:** - **AWS Service Catalog**: Manages approved IT services and products, not account creation or EC2 instance restrictions. - **EC2 Image Builder**: Automates the creation, maintenance, and validation of EC2 AMIs, not account management or permissions. - **AWS Systems Manager**: Provides operational insights and automates operational tasks, but doesn't handle account creation or organization-wide permissions. AWS Organizations is specifically designed for multi-account management with centralized security controls through SCPs.
Author: Ritesh Yadav
Ultimate access to all questions.
A company wants to automate the creation of new AWS accounts and automatically prevent all users from creating Amazon EC2 instances. Which AWS service provides this functionality?
A
AWS Service Catalog
B
AWS Organizations
C
EC2 Image Builder
D
AWS Systems Manager
No comments yet.