Amazon PAS-C01 Exam - Topic 4 Question 72 Discussion

Actual exam question for Amazon's PAS-C01 exam

Question #: 72
Topic #: 4

A company is starting a new project to implement an SAP landscape with multiple accounts that belong to multiple teams in the us-east-2 Region. These teams include procurement finance sales and human resources An SAP solutions architect has started designing this new landscape and the AWS account structures

The company wants to use automation as much as possible The company also wants to secure the environment implement federated access to accounts centralize logging and establish cross-account security audits in addition the company's management team needs to receive a top-level summary of policies that are applied to the AWS accounts.

What should the SAP solutions architect do to meet these requirements?

AUse AWS CloudFormation StackSets to apply SCPs to multiple accounts in multiple Regions. Use an Amazon CloudWatch dashboard to check the applied policies in the accounts

BUse an AWS Elastic Beanstalk blue green deployment to create 1AM policies and apply them to multiple accounts together Use an Amazon CloudWatch dashboard to check the applied policies in the accounts

CImplement guardrails by using AWS CodeDeploy and AWS CodePipeline to deploy SCPs into each account Use the CodePipeline deployment dashboard to check the applied policies in the accounts

DApply SCPs through AWS Control Tower Use the AWS Control Tower integrated dashboard to check the applied policies in the accounts

Show Suggested Answer

Suggested Answer: D

AWS Control Tower is a service that automates the set up of a secure, compliant, multi-account AWS environment. It helps to establish guardrails and automate the deployment of security policies to multiple accounts in a centralized and consistent manner. By using AWS Control Tower, the SAP solutions architect can establish guardrails across all accounts, set up federated access, centralize logging, and establish cross-account security audits. The integrated dashboard in AWS Control Tower allows the management team to receive a top-level summary of policies that are applied to the AWS accounts. This will help the company to meet their requirements of using automation as much as possible, securing the environment and implementing federated access to accounts, centralizing logging and establishing cross-account security audits.

by Cristen at May 16, 2026, 11:10 AM

Limited Time Offer

25%

Off

Get Premium PAS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!