DVA-C02 · Question #568
DVA-C02 Question #568: Real Exam Question with Answer & Explanation
Sign in or unlock DVA-C02 to reveal the answer and full explanation for question #568. The question stem and answer options stay visible for context.
Question
A developer has an application that runs in AWS Account A. The application must retrieve an AWS Secrets Manager secret that is encrypted by an AWS Key Management Service (AWS KMS) key from AWS Account B. The application's role has permissions to access the secret in Account B. The developer must add a statement to the KMS key's key policy to allow the role in Account A to use the KMS key in Account B. The permissions must grant least privilege access to the role. Which permissions will meet these requirements?
Options
- Akms:Decrypt and kms:DescribeKey
- Bsecretsmanager:DescribeSecret and secretsmanager:GetSecretValue
- Ckms:*
- Dsecretsmanager:*
Unlock DVA-C02 to see the answer
You've previewed enough free DVA-C02 questions. Unlock DVA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.