Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 981 discussion

A company is building a cloud-based application on AWS that will handle sensitive customer data. The application uses Amazon RDS for the database, Amazon S3 for object storage, and S3 Event Notifications that invoke AWS Lambda for serverless processing.

The company uses AWS IAM Identity Center to manage user credentials. The development, testing, and operations teams need secure access to Amazon RDS and Amazon S3 while ensuring the confidentiality of sensitive customer data. The solution must comply with the principle of least privilege.

Which solution meets these requirements with the LEAST operational overhead?

  • A. Use IAM roles with least privilege to grant all the teams access. Assign IAM roles to each team with customized IAM policies defining specific permission for Amazon RDS and S3 object access based on team responsibilities.
  • B. Enable IAM Identity Center with an Identity Center directory. Create and configure permission sets with granular access to Amazon RDS and Amazon S3. Assign all the teams to groups that have specific access with the permission sets.
  • C. Create individual IAM users for each member in all the teams with role-based permissions. Assign the IAM roles with predefined policies for RDS and S3 access to each user based on user needs. Implement IAM Access Analyzer for periodic credential evaluation.
  • D. Use AWS Organizations to create separate accounts for each team. Implement cross-account IAM roles with least privilege. Grant specific permission for RDS and S3 access based on team roles and responsibilities.
Suggested Answer: B

Comments

kevindu
Highly Voted 8 months, 1 week ago
Selected Answer: B
Is there anyone who has recently passed the exam who can tell me approximately how many of the original questions are in the actual exam?
upvoted 9 times
...
dhewa
Highly Voted 8 months, 1 week ago
Selected Answer: B
  • IAM Identity Center: This service simplifies user management by centralizing credentials and access control.
  • Permission Sets: You can create granular permission sets that align with the principle of least privilege, ensuring that each team has only the access they need.
  • Group Assignments: By assigning teams to groups with specific permission sets, you streamline access management and reduce the complexity of individual user permissions.
This approach minimizes operational overhead while maintaining secure and compliant access to sensitive customer data.
upvoted 5 times
...
LeonSauveterre
Most Recent 3 months, 2 weeks ago
Selected Answer: B
  • A - Managing and customizing IAM roles for multiple teams can become more and more complex and high-maintenance, especially if team responsibilities evolve.
  • B - IAM Identity Center (formerly AWS SSO) allows you to manage/update access for multiple teams from one place.
  • C - TOO MUCH WORK.
  • D - Cross-account access is harder to manage and introduces additional operational overhead.
upvoted 2 times
...
JoeTromundo
7 months ago
Selected Answer: B
Option A is good but not the best, which is option B.
upvoted 2 times
...
aragon_saa
8 months, 1 week ago
Selected Answer: B
Answer is B
upvoted 3 times
...