A company has hired an external vendor to perform work in the company’s AWS account
The vendor uses an automated tool that is hosted in an AWS account that the vendor owns
The vendor does not have 1AM access to the company’s AWS account
How should a solutions architect grant this access to the vendor?
A . Create an lAM rote in the company’s account to delegate access to the vendor’s 1AM role Attach the appropriate 1AM policies to the role for the permissions that the vendor requires
B . Create an lAM user in the company’s account with a password that meets the password complexity requirements Attach the appropriate lAM policies to the user (or the permissions that the vendor requires
C . Create an IAM group in the company’s account Add the tool’s lAM user from the vendor account lo the group Attach the appropriate lAM policies to the group for the permissions that the vendor requires
D . Create a new identity provider by choosing "AWS account" as the provider type in the 1AM console Supply the vendor’s AWS account ID and user name Attach the appropriate 1AM policies to the new provider for the permissions that the vendor requires
Answer: B
Leave a Reply