AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company is building an application in the AWS Cloud. The company wants to use temporary credentials for the application to access other AWS resources.
Which AWS service will meet these requirements?
Real Exam
Community
RRitesh
A
AWS Key Management Service (AWS KMS)
B
AWS CloudHSM
C
Amazon Cognito
D
AWS Security Token Service (AWS STS)
Explanation:
Explanation
AWS Security Token Service (AWS STS) is the correct answer because:
-
AWS STS provides temporary, limited-privilege credentials for IAM users or federated users
-
These temporary credentials are ideal for applications that need to access AWS resources securely
-
The credentials expire after a specified period, enhancing security
-
AWS STS supports various scenarios including cross-account access, federated identity, and assuming IAM roles
Why the other options are incorrect:
-
AWS KMS (A): Used for creating and managing encryption keys, not for temporary credentials
-
AWS CloudHSM (B): Hardware security module service for managing encryption keys, not for temporary credentials
-
Amazon Cognito (C): Provides user authentication and authorization for web and mobile apps, but doesn't directly provide temporary AWS credentials like STS does
AWS STS is specifically designed to provide secure temporary credentials that applications can use to access AWS resources.
Comments
Loading comments...