A company must grant a team of developers access to its AWS resources while maintaining a high level of security and preventing unauthorized access to sensitive data. Which solution meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Define IAM roles with fine-grained permissions based on the principle of least privilege. Assign an IAM role to each developer..
Why this is the answer
Defining IAM roles with fine-grained permissions based on the principle of least privilege and assigning a role to each developer is the most secure and scalable solution. This approach ensures developers only have the necessary permissions to perform their tasks, minimizing the risk of unauthorized access or accidental data exposure. Sharing IAM user credentials (Option A) is a severe security risk, as it compromises individual accountability and makes credential rotation difficult. Creating IAM access keys (Option C) grants programmatic access but doesn't inherently enforce least privilege or provide the same level of granular control and manageability as roles, especially for human users. AWS Cognito (Option D) is primarily for managing user identities for web and mobile applications, not for granting direct access to AWS resources for internal development teams.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed