What is the MOST operationally efficient configuration to meet these requirements?

A company has a policy that all Amazon EC2 instances that are running a database must exist within the same subnets in a shared VPC Administrators must follow security compliance requirements and are not allowed to directly log in to the shared account All company accounts are members of the same organization in AWS Organizations. The number of accounts will rapidly increase as the company grows.

A solutions architect uses AWS Resource Access Manager to create a resource share in the shared account

What is the MOST operationally efficient configuration to meet these requirements?
A . Add the VPC to the resource share. Add the account IDs as principals
B. Add all subnets within the VPC to the resource share. Add the account IDs as principals
C. Add all subnets within the VPC to the resource share. Add the organization as a principal.
D. Add the VPC to the resource share. Add the organization as a principal

View Answer

Answer: C

Explanation:

https://docs.aws.amazon.com/ram/latest/userguide/getting-started-sharing.html#getting-started-sharing-create

To restrict resource sharing to only principals in your organization, choose Allow sharing with principals in your organization only.

https://docs.aws.amazon.com/ram/latest/userguide/ram-ug.pdf