Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam DVA-C02 Topic 7 Question 27 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 27
Topic #: 7
[All DVA-C02 Questions]

A developer must use multi-factor authentication (MFA) to access data in an Amazon S3 bucket that is in another AWS account. Which AWS Security Token Service (AWS STS) API operation should the developer use with the MFA information to meet this requirement?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS STS AssumeRole:The central operation for assuming temporary security credentials, commonly used for cross-account access.

MFA Integration:TheAssumeRolecall can include MFA information to enforce multi-factor authentication.

Credentials for S3 Access:The returned temporary credentials would provide the necessary permissions to access the S3 bucket in the other account.


AWS STS AssumeRole Documentation:https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html

Contribute your Thoughts:

Salome
6 months ago
Okay, let's see... MFA, cross-account access, AWS STS... Yep, D. AssumeRole is the way to go. Although, I'm surprised they didn't throw in a 'UseYourForceChoke' option just to mess with us developers.
upvoted 0 times
...
Jeannetta
6 months ago
D. AssumeRole, no doubt about it. I mean, who else would use GetFederationToken for this kind of thing? That's like using a sledgehammer to crack a nut.
upvoted 0 times
...
Shaunna
6 months ago
As a developer, I can totally relate to this question. Dealing with cross-account access and MFA is always a pain, but I'm pretty sure the answer is D. AssumeRole. It's the most direct way to access the S3 bucket using temporary credentials.
upvoted 0 times
Gearldine
5 months ago
AssumeRole is definitely the correct choice when dealing with cross-account access and MFA.
upvoted 0 times
...
Rosio
5 months ago
AssumeRole definitely makes sense here. It's the best choice for accessing data in another AWS account with MFA.
upvoted 0 times
...
Frankie
5 months ago
Yeah, AssumeRole is the best option for accessing data in another AWS account with MFA.
upvoted 0 times
...
Frederica
5 months ago
Yeah, I agree. AssumeRole is the most straightforward option for this scenario.
upvoted 0 times
...
Aileen
5 months ago
I think you're right, AssumeRole is the way to go for this scenario.
upvoted 0 times
...
Nathan
6 months ago
I think you're right, AssumeRole is the way to go for cross-account access with MFA.
upvoted 0 times
...
...
Carman
6 months ago
I'm torn between B and D. GetFederationToken and AssumeRole both seem like they could be used for MFA, but I'm not sure which one is the best fit here. Guess I'll have to think this one through a bit more.
upvoted 0 times
Shannon
5 months ago
Thanks for the input, I'll go with AssumeRole for MFA with the S3 bucket.
upvoted 0 times
...
Joesph
5 months ago
I agree, AssumeRole is the correct option for using MFA with AWS STS API operations.
upvoted 0 times
...
Lezlie
5 months ago
I think AssumeRole is the best fit for MFA in this case.
upvoted 0 times
...
Yen
5 months ago
D) AssumeRole
upvoted 0 times
...
Beatriz
5 months ago
C) AssumeRoleWithSAML
upvoted 0 times
...
Frankie
5 months ago
B) GetFederationToken
upvoted 0 times
...
Celeste
6 months ago
A) AssumeRoleWithWebidentity
upvoted 0 times
...
...
Leonard
7 months ago
Hmm, I think the correct answer is D. AssumeRole. The question specifically mentions using MFA to access data in an S3 bucket in another AWS account, and AssumeRole is the appropriate AWS STS API operation for that scenario.
upvoted 0 times
Paola
5 months ago
Yes, D) AssumeRole is the right API operation to use in this situation.
upvoted 0 times
...
Lore
5 months ago
I agree, D) AssumeRole is the correct choice for using MFA to access data in another AWS account.
upvoted 0 times
...
Ronald
5 months ago
Yes, AssumeRole is the right choice for this scenario. It allows temporary access to resources in a different account.
upvoted 0 times
...
Colby
6 months ago
Yes, AssumeRole is the right choice in this case. It allows temporary access to resources in a different account.
upvoted 0 times
...
Thomasena
6 months ago
I agree, D) AssumeRole is the correct option for using MFA to access data in another AWS account.
upvoted 0 times
...
Colby
6 months ago
I agree, AssumeRole is the correct option for using MFA to access data in another AWS account.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77