Amazon Exam SCS-C01 Topic 5 Question 21 Discussion

Actual exam question for Amazon's SCS-C01 exam

Question #: 21
Topic #: 5

A company's cloud operations team is responsible for building effective security for AWS cross-account access. The team asks a security engineer to help troubleshoot why some developers in the developer account (123456789012) in the developers group are not able to assume a cross-account role (ReadS3) into a production account (999999999999) to read the contents of an Amazon S3 bucket (productionapp). The two account policies are as follows:

Which recommendations should the security engineer make to resolve this issue? (Select TWO.)

AAsk the developers to change their password and use a different web browser.

BEnsure that developers are using multi-factor authentication (MFA) when they log in to their developer account as the developer role.

CModify the production account ReadS3 role policy to allow the PutBucketPolicy action on the productionapp S3 bucket.

DUpdate the trust relationship policy on the production account S3 role to allow the account number of the developer account.

EUpdate the developer group permissions in the developer account to allow access to the productionapp S3 bucket.

Show Suggested Answer

Suggested Answer: A, D

by Teri at May 07, 2022, 08:10 PM

Limited Time Offer

25%

Off

Get Premium SCS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!