CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A corporation wants to enable its security team to audit resources in all of its subsidiary companies' accounts with minimum necessary permissions. What method should be recommended to facilitate this requirement while adhering to security best practices?

  • Create distinct profiles for team members within each subsidiary's environment, assigning them individual access keys for manual rotation.

  • Implement a centralized identity management service, allowing the team to use roles with 'Audit' policy attachments in each of the subsidiary's environments.

  • Apply granular resource policies across all services in each environment, allowing audit-level access.

  • Distribute the superuser credentials for each environment, restricting their use to the audit tasks.

This question's topic:
AWS Certified Solutions Architect Associate SAA-C03 / 
Design Secure Architectures
Your Score:
Design Secure Architectures
Design Resilient Architectures
Design High-Performing Architectures
Design Cost-Optimized Architectures