An application is being developed to audit several AWS accounts. The application will run in Account A and must access AWS services in Accounts B and C.
What is the MOST secure way to allow the application to call AWS services in each audited account?
A . Configure cross-account roles in each audited account. Write code in Account A that assumes those roles
B . Use S3 cross-region replication to communicate among accounts, with Amazon S3 event notifications to trigger Lambda functions
C . Deploy an application in each audited account with its own role. Have Account A authenticate with the application
D . Create an IAM user with an access key in each audited account. Write code in Account A that uses those access keys
Answer: A
Explanation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html
Latest DVA-C01 Dumps Valid Version with 463 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund