nerdexam
ExamsDOP-C02Questions#157
AmazonAmazon

DOP-C02 · Question #157

DOP-C02 Question #157: Real Exam Question with Answer & Explanation

The correct answer is C: Configure a delegated administrator account for the organization. Create an AWS. Explanation Option C is correct because using a delegated administrator account with AWS CloudFormation StackSets allows the DevOps engineer to deploy the Lambda function across all 500 accounts automatically, and combining it with Amazon EventBridge (scheduled every 30 minutes)

Submitted by kwame.gh· Mar 6, 2026Configuration Management and Infrastructure as Code

Question

A company manages 500 AWS accounts that are in an organization in AWS Organizations. The company discovers many unattached Amazon Elastic Block Store (Amazon EBS) volumes in all the accounts. The company wants to automatically tag the unattached EBS volumes for investigation. A DevOps engineer needs to deploy an AWS Lambda function to all the AWS accounts. The Lambda function must run every 30 minutes to tag all the EBS volumes that have been unattached for a period of 7 days or more. Which solution will meet these requirements in the MOST operationally efficient manner?

Options

  • AConfigure a delegated administrator account for the organization. Create an AWS
  • BCreate a cross-account IAM role in the organization's member accounts. Attach the
  • CConfigure a delegated administrator account for the organization. Create an AWS
  • DCreate a cross-account IAM role in the organization's member accounts. Attach the

Explanation

Explanation

Option C is correct because using a delegated administrator account with AWS CloudFormation StackSets allows the DevOps engineer to deploy the Lambda function across all 500 accounts automatically, and combining it with Amazon EventBridge (scheduled every 30 minutes) ensures the Lambda runs on the required schedule - this is the most operationally efficient approach since it leverages native AWS Organizations integration without manual per-account setup.

Why the distractors are wrong:

  • Option A likely uses a similar delegated administrator setup but relies on a less efficient triggering or deployment mechanism (e.g., manual invocation or incorrect scheduling approach) that doesn't fully meet the automation requirement.
  • Options B and D both rely on creating cross-account IAM roles manually across 500 accounts, which is operationally burdensome and doesn't scale efficiently - this approach requires significant manual effort compared to the StackSets + Organizations integration.

Memory Tip: Think "Scale = StackSets + Organizations" - whenever a question involves deploying resources across many AWS accounts in an organization, CloudFormation StackSets with a delegated administrator is almost always the most operationally efficient answer. Manual cross-account roles are a red flag for inefficiency at scale. 🎯

Topics

#AWS Organizations#AWS Lambda#EventBridge scheduling#Cross-account management

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full DOP-C02 PracticeBrowse All DOP-C02 Questions