Which AWS service will meet these requirements?
Amazon Macie
Amazon Detective
AWS Control Tower
AWS Secrets Manager
Explanations:
Amazon Macie is primarily focused on data security and privacy, specifically for identifying and protecting sensitive data in AWS. While it provides insights into data security, it does not provide a comprehensive solution for applying security best practices across multiple accounts.
Amazon Detective is designed for analyzing and investigating security issues across AWS resources. It helps in understanding the security posture of resources but does not enforce or manage security best practices across AWS accounts.
AWS Control Tower provides a comprehensive framework for establishing and governing secure and compliant multi-account AWS environments. It automates the setup of best practices based on the AWS Well-Architected Framework and applies security controls across all accounts, making it the best option for this requirement.
AWS Secrets Manager is used for managing secrets, such as API keys and database credentials. While it enhances security for managing sensitive information, it does not address the broader scope of applying overall security best practices across multiple AWS accounts.