Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A global enterprise maintains three separate environments for their application lifecycle: development, staging, and production. Each environment is managed through distinct cloud accounts to enhance compartmentalization. With a centralized directory service managing user credentials on-premises, which approach should be chosen to provide developers with environment-specific access, while adhering to the security principle of least privilege?
Distribute multiple access credentials tied to a singular identity within the primary cloud account for access management.
Integrate the centralized directory service with cloud-based trust relationships and environment-specific roles for secure, limited access.
Use a user identity and authentication management service suited for applications to control access to different cloud accounts.
Assign credentials from the directory service to individual user accounts in each cloud environment, applying direct permissions.
