Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A corporation wants to enable its security team to audit resources in all of its subsidiary companies' accounts with minimum necessary permissions. What method should be recommended to facilitate this requirement while adhering to security best practices?
Create distinct profiles for team members within each subsidiary's environment, assigning them individual access keys for manual rotation.
Apply granular resource policies across all services in each environment, allowing audit-level access.
Distribute the superuser credentials for each environment, restricting their use to the audit tasks.
Implement a centralized identity management service, allowing the team to use roles with 'Audit' policy attachments in each of the subsidiary's environments.
