What is the MOST secure way to achieve this?

Posted by: Pdfprep Category: DVA-C01 Tags: , ,

A Developer needs temporary access to resources in a second account.

What is the MOST secure way to achieve this?
A . Use the Amazon Cognito user pools to get short-lived credentials for the second account.
B . Create a dedicated IAM access key for the second account, and send it by mail.
C . Create a cross-account access role, and use sts:AssumeRoleAPI to get short-lived credentials.
D . Establish trust, and add an SSH key for the second account to the IAM user.

Answer: C

Explanation:

Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html

Leave a Reply

Your email address will not be published.