AWS Certified Cloud Practitioner

Explanation

Option A is the correct answer because it follows AWS security best practices:

• MFA for root user and all IAM users: The root user has unrestricted access to all AWS services and resources, so MFA is critical. For IAM users, MFA adds an extra layer of security beyond just username and password.

• Rotate access keys: Regularly rotating access keys reduces the risk if keys are accidentally exposed or compromised.

Why other options are incorrect:

• Option B: Creating a single shared IAM user account violates the principle of least privilege and makes auditing difficult. Each developer should have their own IAM user with appropriate permissions.

• Option C: Using the root user for programmatic access is strongly discouraged by AWS. The root user should only be used for account management tasks, not for daily operations or programmatic access.

• Option D: While MFA for the root user is good, this option doesn't address the need for individual developer accounts or access key rotation. IAM permissions boundaries alone are not sufficient for comprehensive security.

AWS Security Best Practices:

• Use individual IAM users instead of shared accounts

• Enable MFA for all users

• Rotate access keys regularly

• Use the root user only for essential account management tasks

• Follow the principle of least privilege