Which solution ensures resources are deployed in accordance with company policy?
Create AWS Trusted Advisor checks to find and remediate unapproved CloudFormation StackSets.
Create a CloudFormation drift detection operation to find and remediate unapproved CloudFormation StackSets.
Create CloudFormation StackSets with approved CloudFormation templates.
Create AWS Service Catalog products with approved CloudFormation templates.
Explanations:
AWS Trusted Advisor does not specifically control or enforce CloudFormation StackSet usage, so it cannot directly enforce the policy.
CloudFormation drift detection helps identify changes between deployed stacks and templates, but it doesn’t enforce deployment rules or region restrictions.
CloudFormation StackSets allow multi-region deployments, but they don’t enforce strict tagging and region limitations.
AWS Service Catalog allows you to define approved CloudFormation templates, ensuring compliance with company policies on tagging, regions, and application versions.