A company has two AWS accounts: development and production. All applications send logs to a specific Amazon S3 bucket for each account, and the Developers are requesting access to the production account S3 buckets to view the logs. Which is the MOST efficient way to provide the Developers with access?
A) Create an AWS Lambda function with an IAM role attached to it that has access to both accounts' S3 buckets. Pull the logs from the production S3 bucket to the development S3 bucket.
B) Create IAM users for each Developer on the production account, and add the Developers to an IAM group that provides read-only access to the S3 log bucket.
C) Create an Amazon EC2 bastion host with an IAM role attached to it that has access to the production S3 log bucket, and then provision access for the Developers on the host.
D) Create a resource-based policy for the S3 bucket on the production account that grants access to the development account, and then delegate access in the development account.
Correct Answer:
Verified
Q356: In configuring an Amazon Route 53 health
Q357: A workload has been moved from a
Q358: A company's use of AWS Cloud services
Q359: A website uses Elastic Load Balancing (ELB)
Q360: An Amazon EC2 instance is unable to
Q362: A company backs up data from its
Q363: A SysOps Administrator is required to monitor
Q364: An application is running on multiple EC2
Q365: A company has deployed a fleet of
Q366: An application accesses data through a file
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents