🔥 3-day streak
AWS Certified DevOps Engineer - Professional107 / 204
Question 107 of 204

A company runs a shared services account that hosts a CodePipeline pipeline. The pipeline must deploy a CloudFormation stack into three separate target accounts (dev, staging, prod) that belong to the same AWS Organization. The DevOps team wants prod deployment to occur only after a security engineer explicitly approves, and they want to minimize the number of pipelines to maintain. Which approach best meets these requirements while following least-privilege cross-account practices?

Reviewed for accuracy · Report an issueNext question