DOP-C02 · Question #212
DOP-C02 Question #212: Real Exam Question with Answer & Explanation
Sign in or unlock DOP-C02 to reveal the answer and full explanation for question #212. The question stem and answer options stay visible for context.
Question
A company is refactoring applications to use AWS. The company identifies an internal web application that needs to make Amazon S3 API calls in a specific AWS account. The company wants to use its existing identity provider (IdP) auth.company.com for authentication. The IdP supports only OpenID Connect (OIDC). A DevOps engineer needs to secure the web application's access to the AWS account. Which combination of steps will meet these requirements? (Choose three.)
Options
- AConfigure AWS IAM Identity Center (AWS Single Sign-On). Configure an IdP. Upload the IdP
- BCreate an IAM IdP by using the provider URL, audience, and signature from the existing IP.
- CCreate an IAM role that has a policy that allows the necessary S3 actions. Configure the role's
- DCreate an IAM role that has a policy that allows the necessary S3 actions. Configure the role's
- EConfigure the web application to use the AssumeRoleWithWebIdentity API operation to retrieve
- FConfigure the web application to use the GetFederationToken API operation to retrieve temporary
Unlock DOP-C02 to see the answer
You've previewed enough free DOP-C02 questions. Unlock DOP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.