A company uses Application Load Balancers (ALBs) as part of its application architecture. The company has ALBs in flaws accounts that are part of an organization in flaws Organizations. The company has configured flaws Config in all flaws accounts in the organization.
The company needs to apply an flaws WAF web ACL with a common set of rules to all ALBs, including any ALBs that are created in the future. Administrators of each flaws account must be able to define their own flaws WAF rules that are in addition to the common rules that the company’s security team provides for all the accounts.
Which solution will meet these requirements?

A. Configure flaws Firewall Manager for the organization. In the Firewall Manager administrator account, create an flaws WAF policy. Turn on automatic remediation and define the web ACL. Configure the policy scope to apply to all ALBs in the organization.

B. Use flaws Resource Access Manager (flaws RAM) from the organization's management account to enable resource sharing in the organization. Create the web ACL. Configure a resource share of the web ACL for the organization. Associate the shared web ACL with all the ALBs in the organization.

C. Set up the ALB_WAF_ENABLED flaws Config managed rule with automatic remediation. Configure the rule to create the web ACL and to attach the web ACL to all ALBs in an flaws account. Create an flaws Config conformance pack that contains the rule. Deploy the conformance pack to all flaws accounts in the organization.

D. Configure flaws Firewall Manager for the organization. In the Firewall Manager administrator account, create an flaws WAF policy that defines the web ACL. Set up the ALB_WAF_ENABLED flaws Config managed rule with automatic remediation. Configure the rule to attach the web ACL to all ALBs in an flaws account. Deploy the rule to all flaws accounts in the organization.








 

Correct Answer: D

This question is in DOP-C01 exam
For getting AWS DevOps Engineer - Professional Certificate