Answer-first summary for fast verification
Answer: Combine both RBAC and ABAC models, using RBAC for high-level roles and ABAC for fine-grained access control to AWS services.
Combining RBAC and ABAC allows for the retention of the existing role-based structure while introducing the flexibility of attribute-based access control for cloud-specific services. This hybrid approach ensures a smooth transition and maintains security compliance by leveraging the strengths of both models.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company is transitioning from a traditional on-premises infrastructure to a cloud-based environment. As part of this transition, you need to design an authorization strategy that supports the company's existing RBAC model while integrating with AWS services. How would you approach this task to ensure a smooth transition and maintain security compliance?
A
Replicate the existing RBAC model exactly in AWS using IAM roles and policies.
B
Develop a new ABAC model that integrates with AWS services and gradually migrate users from the existing RBAC model.
C
Combine both RBAC and ABAC models, using RBAC for high-level roles and ABAC for fine-grained access control to AWS services.
D
Replace the existing RBAC model with AWS Managed Policies, which are maintained and updated by AWS.
No comments yet.