Q40 — AWS DVA-C02 Ch.1

Question 40 of 100 | ← Chapter 1

A developer needs temporary access to resources in a second AWS account. What is the most secure approach?

Correct Answer: C. Create a cross-account access role and use the sts:AssumeRole API to obtain short-term credentials.

Explanation

The most secure method is to create a cross-account access role and use the sts:AssumeRole API to obtain temporary credentials. This allows users or roles in the first account to assume a role in the second account and receive time-limited credentials to access its resources—without sharing long-term credentials or keys. This approach ensures temporariness and security, with credentials automatically expiring after use, minimizing potential security risks. 【Lantern Certification provided by: swufelp1999】