AmazonAmazon
SAA-C03 · Question #309
SAA-C03 Question #309: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #309. The question stem and answer options stay visible for context.
Submitted by katya_ua· Mar 4, 2026Design Secure Architectures
Question
A company is using an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. The company must ensure that Kubernetes service accounts in the EKS cluster have secure and granular access to specific AWS resources by using IAM roles for service accounts (IRSA). Which combination of solutions will meet these requirements? (Select TWO.)
Options
- ACreate an IAM policy that defines the required permissions. Attach the policy directly to the IAM
- BImplement network policies within the EKS cluster to prevent Kubernetes service accounts from
- CModify the EKS cluster's IAM role to include permissions for each Kubernetes service account.
- DDefine an IAM role that includes the necessary permissions. Annotate the Kubernetes service
- ESet up a trust relationship between the IAM roles for the service accounts and an OpenID
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.