SAA-C03 · Question #334
SAA-C03 Question #334: Real Exam Question with Answer & Explanation
The correct answer is B: Define IAM roles that have fine-grained permissions based on the principle of least privilege.. The best practice for secure access control in AWS is to use IAM roles with least-privilege policies, granting only the permissions necessary to perform required tasks. Assigning roles individually ensures that developers cannot overstep their intended access boundaries. Sharing
Question
A company needs to grant a team of developers access to the company's AWS resources. The company must maintain a high level of security for the resources. The company requires an access control solution that will prevent unauthorized access to the sensitive data. Which solution will meet these requirements?
Options
- AShare the IAM user credentials for each development team member with the rest of the team to
- BDefine IAM roles that have fine-grained permissions based on the principle of least privilege.
- CCreate IAM access keys to grant programmatic access to AWS resources. Allow only developers
- DCreate an AWS Cognito user pool. Grant developers access to AWS resources by using the user
Explanation
The best practice for secure access control in AWS is to use IAM roles with least-privilege policies, granting only the permissions necessary to perform required tasks. Assigning roles individually ensures that developers cannot overstep their intended access boundaries. Sharing credentials or using permanent access keys increases the risk of security breaches. Cognito is primarily intended for managing user access to applications, not AWS infrastructure. Thus, Option B best meets security and access control requirements.
Community Discussion
No community discussion yet for this question.