Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A multinational enterprise has separate accounts for development and production environments to enhance security and operational efficiency. Developers need to access cloud resources in the production environment sporadically to perform troubleshooting. As a solutions architect, what approach would you suggest to facilitate these occasional access requirements while maintaining stringent security controls?

  • Implement trust relationships between the organization's accounts using roles with permissions to access necessary services, allowing for temporary credential assumption through a trusted federation.

  • Adjust the policies attached to resources in the separate environment to directly authorize access for identities from the development environment.

  • Provide distinct user credentials for each developer that grant access to the necessary services in the separate environment, with a scheduled monthly rotation policy.

  • Create identically named roles with necessary permissions in both the development and separate environment accounts.

This question's topic:
AWS Certified Solutions Architect Associate SAA-C03 / 
Design Secure Architectures
Your Score:

Check or uncheck an objective to set which questions you will receive.