Secure Architecture III

Explore solutions for securing and managing AWS environments across multiple accounts, including IAM role delegation, using Amazon QLDB for data integrity, conducting security audits with Amazon Inspector, controlling S3 access, and implementing SSL offloading with AWS Certificate Manager. This lesson helps you design resilient, secure architectures aligned with compliance and operational efficiency.

We'll cover the following...

Question 29
Question 30
Question 31
Question 32
Question 33

Question 29

A company has several teams, and as a solutions architect, you are asked to delegate access to a set of users from the development team to access resources in the production team. Both of these teams are under different AWS accounts that are part of an organization.

A. Create a new IAM role with the required permissions to access the resources in the PROD environment. The users can then assume this IAM role while accessing the resources from the PROD env.

B. Create new IAM user credentials for the production environment and share these credentials with the set of users from the development environment

C. Use the AWS Resource Access Manager (RAM) to allow the development team to access resources in the production account.

D. Configure AWS Single Sign-On (SSO) with cross-account access.