A multinational enterprise has separate accounts for development and production environments to enhance security and operational efficiency. Developers need to access cloud resources in the production environment sporadically to perform troubleshooting. As a solutions architect, what approach would you suggest to facilitate these occasional access requirements while maintaining stringent security controls?
Adjust the policies attached to resources in the separate environment to directly authorize access for identities from the development environment.
Create identically named roles with necessary permissions in both the development and separate environment accounts.
Provide distinct user credentials for each developer that grant access to the necessary services in the separate environment, with a scheduled monthly rotation policy.
Implement trust relationships between the organization's accounts using roles with permissions to access necessary services, allowing for temporary credential assumption through a trusted federation.