SOA-C02 Question #628: Real Exam Question with Answer & Explanation

Question

A company uses AWS accounts for its applications. The accounts are in an organization with all features enabled in AWS Organizations. The company operates in a single AWS Region. The company has created a custom Amazon Machine Image (AMI) and intends to release new versions of the AMI over time. The company's SysOps administrator uses AWS CloudFormation to deploy infrastructure. The SysOps administrator must implement a solution to dynamically reference the latest standardized AMI ID from AWS Systems Manager Parameter Store during deployment. Which combination of steps will meet these requirements with the LEAST effort? (Choose three.)

Options

• ACreate a new Systems Manager parameter to store the AMI value in the standard parameter tier.
• BCreate a new Systems Manager parameter to store the AMI value in the advanced parameter tier.
• CEnable trusted access with Organizations.
• DEnable resource sharing with Organizations.
• ECreate a resource share by using AWS Resource Access Manager (AWS RAM). Specify the new
• FCreate an Amazon EventBridge rule that invokes an AWS Lambda function when a new AMI is

Explanation

Create a Systems Manager parameter (using the standard tier, since an AMI ID is a small value) to store the latest AMI ID. To have this parameter available for deployments in all of your AWS accounts, share it with the entire organization by creating a resource share using AWS Resource Access Manager (AWS RAM) that specifies the new parameter as the resource and the entire organization as the Set up an automated update process by creating an Amazon EventBridge rule that triggers an AWS Lambda function when a new AMI is published; the function will assume the appropriate IAM role in the linked accounts and update the Systems Manager parameter with the new AMI ID.

No community discussion yet for this question.