AWS Certified Developer Associate DVA-C02 Practice Question
An organization's development team is preparing to roll out a serverless application that utilizes multiple cloud resources, including object storage, a NoSQL database, and serverless compute functions. The application must be able to read and write data to specific storage buckets and database tables. To comply with best security practices, how should you provision access for this application?
Deactivate explicit permission policies and deploy network-based controls to govern access to the necessary service resources.
Employ the root user's credentials for the application to ensure uninterrupted service access without having to manage multiple permission sets.
Generate an access key and secret key combination for the application, granting full management capabilities for all services to avoid potential disruptions.
Construct a custom security profile for the application, restricting permissions exclusively to the operations required on designated storage buckets and database tables.