What design practice supports auditable changes and rapid rollback across accounts?

Multiple Choice

What design practice supports auditable changes and rapid rollback across accounts?

Explanation:
Auditable changes and rapid rollback across accounts are best achieved by Infrastructure as Code with versioned templates (such as CloudFormation or CDK) combined with a change-control process integrated into CI/CD. When infrastructure is defined in code and stored in version control, every modification is captured with who made it, when, and why, creating a complete audit trail. A change-control process enforces approvals, testing, and reviews before anything is deployed, so changes are reproducible and predictable rather than ad hoc.

With a CI/CD pipeline, those changes are automatically validated and deployed to multiple accounts in a controlled way. Deploying a previous, known-good version is straightforward because the prior template and parameters are still in version history, enabling rapid rollback across all target accounts. This approach also eliminates drift, since environments are recreated from the same codebase, ensuring consistency.

In contrast, manual change management without automation is slow and hard to audit; ad hoc changes introduce drift and unreliable rollbacks. CloudWatch alarms monitor state and trigger responses, but they do not themselves provide a mechanism for auditable changes or quick, reliable redeployment across accounts.
