Secure Architecture III
Prepare yourself for the AWS Certified Solutions Architect Associate SAA-C03 Certificate exam with the help of practice questions focusing on AWS Resource Access Manager (RAM), IAM Policy Simulator, AWS Lake Formation, Permission boundaries, and attribute-based access control (ABAC) policy to secure an AWS infrastructure.
We'll cover the following
Question 28
A large organization has multiple AWS accounts, each managing different departments and projects. The organization wants to share specific AWS resources, such as AWS Transit Gateway and AWS License Manager, across accounts to simplify management and reduce costs. The solution should ensure that resource sharing is secure and efficient and does not expose resources to unauthorized accounts.
As a solutions architect, recommend a solution that securely shares AWS resources across multiple AWS accounts while ensuring that only authorized accounts have access.
A. Use AWS IAM policies to grant cross-account access to the resources and manage permissions for each account.
B. Create a resource share in AWS Resource Access Manager (RAM) and specify the resource types and accounts with which to share the resources.
C. Use AWS VPC Peering to connect VPCs across accounts and configure resource access between accounts.
D. Implement cross-account IAM roles to allow access to the resources and use AWS Organizations to manage the sharing of resources across accounts.
Get hands-on with 1400+ tech skills courses.