AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
An organization is planning to deploy a new application on AWS that requires access to multiple services, including EC2, S3, and RDS. The application will be managed by a team of developers and administrators with varying levels of access requirements. How would you design an authorization strategy that ensures the application's security while accommodating the diverse access needs of the team?
A
Use AWS Managed Policies for all team members, ensuring consistent and secure access to AWS services.
B
Create custom IAM roles with specific permissions for each team member based on their job function.
C
Implement a hybrid approach using both RBAC and ABAC, with RBAC defining high-level roles and ABAC handling fine-grained access control based on attributes such as time and location.
D
Rotate IAM credentials frequently to minimize the risk of unauthorized access.