Q21 — AWS DOP-C02 Ch.2

Question 21 of 100 | ← Chapter 2

A company uses AWS Organizations and AWS Control Tower to manage its AWS accounts. The company has an Enterprise Support plan. A DevOps engineer is using Terraform Account Factory for AWS (AFT) to provision new accounts. During provisioning, the DevOps engineer notices that the new accounts are configured with the Basic Support plan. The DevOps engineer needs to implement a solution to provide the Enterprise Support plan to new accounts. Which solution meets these requirements?

Correct Answer: D. Set the aft_feature_enterprise_support feature flag to True in the AFT deployment input configuration. Redeploy AFT and apply the changes.

Explanation

Terraform Account Factory for AWS (AFT) supports configuring the Enterprise Support plan via a feature flag. AWS AFT documentation states that the `aft_feature_enterprise_support` parameter controls whether new accounts are automatically enrolled in the organization's Enterprise Support plan; setting it to `True` enables this during provisioning. Option A addresses compliance remediation but does not directly modify support plan assignment; Option B relies on manual ticketing and is not automated; Option C references `control_tower_parameters`, which is used natively by AWS Control Tower—not AFT, which uses its own parameters. Correct answer D directly modifies the AFT configuration, satisfying the requirement for automated provisioning.