Which solution will meet these requirements with the MOST operational efficiency?
Create an AWS CloudFormation template. Declare the users in the template. Attach the users to the database. Deploy the template in each account.
Create an AWS CloudFormation template that contains a custom resource to create the users in the database. Deploy the template in each account.
Write a script that creates the users. Deploy an Amazon EC2 instance in each account to run the script on the databases. Run the script in each account.
Implement an AWS Lambda function that creates the users in the database. Provide the function with the details of all three accounts.
Explanations:
While using an AWS CloudFormation template to declare users and attach them to the database can automate the process, it lacks the ability to dynamically manage updates and changes to users across multiple accounts. Each deployment would require manual intervention to update users, leading to inefficiencies.
Creating a CloudFormation template with a custom resource for user management allows for consistent user creation and updates across all accounts. The custom resource can interact with the database to create or modify users as needed, ensuring that all accounts are synchronized efficiently without manual script execution or additional infrastructure.
Writing a script and deploying an EC2 instance in each account introduces unnecessary complexity and operational overhead. This approach requires maintaining separate instances and scripts, which can lead to inconsistencies if the script is not run uniformly across all accounts or if updates are needed.
While an AWS Lambda function can automate user creation, it would require additional configuration to handle the management of users across three different accounts. This could complicate permissions and access, and would not be as operationally efficient as using a CloudFormation template with a custom resource tailored for consistent user management across multiple environments.