SAP-C02 · Question #143
SAP-C02 Question #143: Real Exam Question with Answer & Explanation
The correct answer is D: The customer should create an IAM role and assign the required permissions to the IAM role.. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
Question
An AWS partner company is building a service in AWS Organizations using its organization named org1. This service requires the partner company to have access to AWS resources in a customer account, which is in a separate organization named org2. The company must establish least privilege security access using an API or command line tool to the customer account. What is the MOST secure way to allow org1 to access resources in org2?
Options
- AThe customer should provide the partner company with their AWS account access keys to log in
- BThe customer should create an IAM user and assign the required permissions to the IAM user.
- CThe customer should create an IAM role and assign the required permissions to the IAM role.
- DThe customer should create an IAM role and assign the required permissions to the IAM role.
Explanation
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
Community Discussion
No community discussion yet for this question.