Question 19
Domain 2: Design for New Solutions
A company is using an organization in AWS Organizations to manage AWS accounts. For each new project, the company creates a new linked account. After the creation of a new account, the root user signs in to the new account and creates a service request to increase the service quota for Amazon EC2 instances. A solutions architect needs to automate this process. Which solution will meet these requirements with the LEAST operational overhead?
Correct answer: A
Explanation
AWS Organizations emits account-creation events, so an Amazon EventBridge rule can detect when "a new account" is created without manual polling. EventBridge can route the event to SNS and Lambda, and Lambda can call the Service Quotas API/CLI to "request a service quota increase" for EC2, which automates the root-user action with the least operational overhead.
Why each option is right or wrong
A. Create an Amazon EventBridge rule to detect creation of a new account. Send the event to an Amazon Simple Notification Service (Amazon SNS) topic that invokes an AWS Lambda function. Configure the Lambda function to run the request-service-quota-increase command to request a service quota increase for EC2 instances.
AWS Organizations publishes account-creation events that can be matched by an Amazon EventBridge rule, so no polling or custom scheduler is needed to detect when a linked account is created. EventBridge can target an Amazon SNS topic, which can fan out to AWS Lambda; Lambda can then call the Service Quotas API/CLI action `request-service-quota-increase` for the EC2 quota, automating the same request the root user would otherwise submit manually with minimal operational overhead.
B. Create a Service Quotas request template in the management account. Configure the desired service quota increases for EC2 instances.
Request templates do not fit this scenario as the intended automation path for these new linked accounts.
C. Create an AWS Config rule in the management account to set the service quota for EC2 instances.
AWS Config evaluates compliance; it does not directly set or increase EC2 service quotas.
D. Create an Amazon EventBridge rule to detect creation of a new account. Send the event to an Amazon Simple Notification Service (Amazon SNS) topic that invokes an AWS Lambda function. Configure the Lambda function to run the create-case command to request a service quota increase for EC2 instances.
create-case targets Support case workflows, not the direct Service Quotas request mechanism.
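A sketch of the Lambda function from option A, added here as an illustration and not part of the original question. It acts only on a `CreateAccountResult` event whose state is `SUCCEEDED` and checks the account ID before assuming a role in the new account. The quota code, desired value, Region, role name and the `sample_sns_event` helper are assumptions.

```python
import json

# Assumptions (not from the question): quota code, desired value, Region, role name.
QUOTA = {"ServiceCode": "ec2", "QuotaCode": "L-1216C47A", "DesiredValue": 64.0}
REGION = "us-east-1"
MEMBER_ROLE = "OrganizationAccountAccessRole"

def sample_sns_event(state, account_id):
    """Constructed sample: EventBridge event as delivered to Lambda through SNS."""
    detail = {"eventSource": "organizations.amazonaws.com",
              "eventName": "CreateAccountResult",
              "serviceEventDetails": {"createAccountStatus": {
                  "state": state, "accountId": account_id}}}
    message = {"source": "aws.organizations",
               "detail-type": "AWS Service Event via CloudTrail", "detail": detail}
    return {"Records": [{"Sns": {"Message": json.dumps(message)}}]}

def new_account_ids(sns_event):
    """Return account IDs from SNS-wrapped CreateAccountResult events that succeeded."""
    ids = []
    for record in sns_event.get("Records", []):
        try:
            detail = json.loads(record["Sns"]["Message"])["detail"]
            status = detail["serviceEventDetails"]["createAccountStatus"]
            acct = str(status["accountId"])
        except (KeyError, TypeError, ValueError):
            continue  # malformed or unrelated message: skip it, do not act on it
        if (detail.get("eventSource") == "organizations.amazonaws.com"
                and detail.get("eventName") == "CreateAccountResult"
                and status.get("state") == "SUCCEEDED"
                and len(acct) == 12 and acct.isascii() and acct.isdigit()):
            ids.append(acct)
    return ids

def handler(event, context):
    import boto3  # imported here so the parsing above can be exercised offline
    sts = boto3.client("sts")
    requested = []
    for acct in new_account_ids(event):
        creds = sts.assume_role(
            RoleArn=f"arn:aws:iam::{acct}:role/{MEMBER_ROLE}",
            RoleSessionName="quota-bootstrap")["Credentials"]
        sq = boto3.client("service-quotas", region_name=REGION,
                          aws_access_key_id=creds["AccessKeyId"],
                          aws_secret_access_key=creds["SecretAccessKey"],
                          aws_session_token=creds["SessionToken"])
        sq.request_service_quota_increase(**QUOTA)  # same call as the CLI command
        requested.append(acct)
    return requested
```

The function's execution role needs `sts:AssumeRole` on the member-account role; scoping that permission to the one role name keeps the automation from becoming a general cross-account entry point.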