Explanation:
Why Option B is correct:
Standardized CloudFormation templates - Provides reusable, versioned components that implement security, observability, and RAG patterns based on AWS Well-Architected Generative AI Lens.
Centralized repository for version control - Ensures components are versioned and governed consistently across all business units.
CI/CD pipeline integration - Enables consistent and repeatable deployments, automating the deployment process.
CloudFormation Guard integration - Provides policy compliance validation as part of the deployment pipeline, ensuring governance is enforced before deployment.
Why other options are incorrect:
Option A: Uses CloudFormation Guard only after deployment, which doesn't prevent non-compliant deployments from occurring. It lacks centralized version control and CI/CD automation.
Option C: AWS Service Catalog is a good tool for providing standardized products, but requiring business units to use the console manually doesn't ensure consistent, automated deployments across all units. It lacks the automation and pipeline integration needed for consistent governance.
Option D: Document-based approach with Amazon Macie (which is for data security and classification) doesn't provide reusable, versioned components or automated deployment patterns. Delegating implementation to each business unit leads to inconsistency.
Key Requirements Met by Option B:
Ultimate access to all questions.
No comments yet.
A company is planning to deploy multiple generative AI (GenAI) applications to five independent business units that operate in multiple countries in Europe and the Americas. Each application uses Amazon Bedrock Retrieval Augmented Generation (RAG) patterns with business unit-specific knowledge bases that store terabytes of unstructured data.
The company must establish well-architected, standardized components for security controls, observability practices, and deployment patterns across all the GenAI applications. The components must be reusable, versioned, and governed consistently.
Which solution will meet these requirements?
A
Configure Amazon API Gateway REST API endpoints for the GenAI applications. Deploy common security, observability, and RAG patterns based on the AWS Well-Architected Generative AI Lens in standardized AWS CloudFormation templates. Use CloudFormation Guard after deployment to validate policy compliance in each business unit.
B
Create standardized AWS CloudFormation templates to implement security, observability, and RAG patterns based on the AWS Well-Architected Generative AI Lens. Establish a centralized repository for version control. Integrate a CI/CD pipeline with CloudFormation Guard to enforce consistent and repeatable deployments across business units.
C
Use AWS Service Catalog to define standardized portfolios and versioned products for each business unit. Use the portfolios to enforce security, observability, and RAG patterns based on the AWS Well-Architected Generative AI Lens. Require business units to use the Service Catalog console to deploy resources.
D
Document security controls, observability requirements, and RAG patterns based on the AWS Well-Architected Generative AI Lens in a shared design document. Use Amazon Macie to enforce deployment. Delegate implementation responsibility to each business unit.