What should the solutions architect do to meet these requirements?
Use AWS CloudFormation templates. Add IAM policies to control the various accounts, Deploy the templates across the multiple Regions.
Use AWS Organizations. Deploy AWS CloudFormation templates from the management account Use AWS Control Tower to manage deployments across accounts.
Use AWS Organizations and AWS CloudFormation StackSets. Deploy a Cloud Formation template from an account that has the necessary IAM permissions.
Use nested stacks with AWS CloudFormation templates. Change the Region by using nested stacks.
Explanations:
While AWS CloudFormation templates can define infrastructure as code, using IAM policies alone does not facilitate deployment across multiple AWS accounts and regions effectively. This option does not address the multi-account structure or provide a streamlined deployment process.
AWS Organizations and Control Tower are beneficial for managing multiple accounts and standardizing setups, but this option does not mention StackSets, which are necessary for deploying CloudFormation templates across multiple accounts and regions simultaneously.
This option correctly identifies the use of AWS Organizations and AWS CloudFormation StackSets, which enable the deployment of infrastructure as code across multiple AWS accounts and regions efficiently. The requirement for necessary IAM permissions is also addressed.
Nested stacks allow for modular CloudFormation templates but do not inherently support deployment across multiple AWS accounts or regions. This option lacks the necessary tools (like StackSets) to manage deployments at scale across multiple accounts and regions effectively.
I chart that the answer is:
Use AWS Organizations and AWS CloudFormation StackSets. Deploy a Cloud Formation template from an account that has the necessary IAM permissions.