ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 664 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 664
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company has hired an external vendor to perform work in the company's AWS account. The vendor uses an automated tool that is hosted in an AWS account that the vendor owns. The vendor does not have IAM access to the company's AWS account.
How should a solutions architect grant this access to the vendor?

  • A. Create a IAM role in the company's account to delegate access to the vendor's IAM role. Attach the appropriate IAM policies to the role for the permissions that the vendor requires.
  • B. Create an IAM user in the company's account with a password that meets the password complexity requirements. Attach the appropriate IAM policies to the user for the permissions that the vendor requires.
  • C. Create an IAM group in the company's account. Add the tool's IAM user from the vendor account to the group for the permissions that the vendor requires.
  • D. Create a new identity provider by choosing ג€AWS accountג€ as the provider type in the IAM console. Supply the vendor's AWS account ID and user name. Attach the appropriate IAM policies to the new provider for the permissions that the vendor requires.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by rodriiviru at Oct. 3, 2022, 3:20 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BECAUSE
1 year, 11 months ago
Selected Answer: A
A is the answer
upvoted 1 times
...
jsantisf
2 years, 1 month ago
Selected Answer: A
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_third-party.html
upvoted 1 times
...
bullrem
2 years, 3 months ago
Option A is the recommended solution because it allows the company to grant access to the vendor's IAM role, which is the best practice for cross-account access. The role created in the company's account can be limited to only the permissions that the vendor requires. Option D is also a good solution. It creates a new identity provider in the company's AWS account by using the vendor's AWS account ID and user name. This allows the company to grant access to the vendor's user without having to share or store the vendor's AWS access keys.
upvoted 1 times
...
jxp09
2 years, 7 months ago
Selected Answer: A
Perfect A
upvoted 1 times
...
Ekie
2 years, 7 months ago
A: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_third-party.html
upvoted 1 times
Jobair
2 years, 6 months ago
When third parties require access to your organization's AWS resources, you can use roles to delegate access to them.
upvoted 1 times
...
...
rodriiviru
2 years, 7 months ago
Selected Answer: B
I think it's B
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago