Domain 1.1: Secure Access — AWS SAA-C03 Practice Question 01

How to approach this question

Identify the requirement for cross-account access and apply the AWS best practice of using IAM roles instead of sharing long-term credentials.

Full Answer

B.Create an IAM role with read-only permissions in the company's account and grant the auditor's AWS account permission to assume the role.✓ Correct

Create an IAM role with read-only permissions in the company's account and grant the auditor's AWS account permission to assume the role.

IAM roles allow you to delegate access to users or services that normally don't have access to your organization's AWS resources. This is the standard for cross-account access.

Common mistakes

Choosing to create an IAM user and sharing keys, which is a major security risk.

A company needs to grant an external auditor read-only access to specific AWS resources. The auditor has their own AWS account. What is the MOST secure way to grant this access?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS SAA-C03 Practice Exam 5

More questions from this exam