New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon BDS-C00 Exam - Topic 6 Question 80 Discussion

Actual exam question for Amazon's BDS-C00 exam
Question #: 80
Topic #: 6
[All BDS-C00 Questions]

A company is preparing to give AWS Management Console access to developers. Company policy mandates identity federation and role based access control. Roles are currently assigned using groups in the corporate Active Directory. What combination of the following will give developers access to the AWS console? Choose 2 answers

Show Suggested Answer Hide Answer
Suggested Answer: A

by Freeman at Oct 05, 2023, 12:29 AM

Limited Time Offer

25%

Off

Get Premium BDS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Chauncey
3 months ago
But what about using IAM users? Isn’t that a thing too?
upvoted 0 times
...
Virgie
3 months ago
I agree with A and D, that’s the standard approach.
upvoted 0 times
...
Mauricio
4 months ago
Wait, can you really use Simple AD for this? Seems off.
upvoted 0 times
...
Julieta
4 months ago
I think C is also a good option.
upvoted 0 times
...
Lonny
4 months ago
Definitely A and D for sure!
upvoted 0 times
...
Gearldine
4 months ago
I don't recall seeing Simple AD mentioned in our materials, so I'm leaning towards the AD connector and IAM roles for this one.
upvoted 0 times
...
Beckie
4 months ago
I'm a bit confused about whether we should choose IAM groups or roles. I feel like both could be relevant, but I need to double-check.
upvoted 0 times
...
Ryan
5 months ago
I remember practicing a similar question, and I think IAM roles are definitely one of the answers we need here.
upvoted 0 times
...
Lenna
5 months ago
I think we need to use AWS Directory Service AD connector for identity federation, but I'm not entirely sure about the second option.
upvoted 0 times
...
Tambra
5 months ago
I think I've got it! The key is to use a combination of AWS Directory Service (either AD Connector or Simple AD) to integrate with the corporate Active Directory, and then use IAM roles to assign the appropriate permissions to the developers. The Active Directory groups will map to the IAM roles.
upvoted 0 times
...
Jamika
5 months ago
Alright, I've got this. We need to use a combination of AWS Directory Service (either AD Connector or Simple AD) to federate the corporate Active Directory, and then leverage IAM roles to assign the appropriate permissions. The groups in Active Directory will map to the IAM roles.
upvoted 0 times
...
Vincent
5 months ago
Okay, let's see... We need to give developers access to the AWS console, and the company policy says we have to use identity federation and roles. I'm thinking AWS Directory Service and IAM roles might be involved, but I'm not totally sure.
upvoted 0 times
...
Albert
5 months ago
Hmm, this looks like it's testing our understanding of AWS identity management and access control. I think the key is to focus on the requirements - identity federation and role-based access. That narrows it down a bit.
upvoted 0 times
...
Dominque
5 months ago
Hmm, I'm a little confused on this one. I know we need to use identity federation and roles, but I'm not sure if we should go with AWS Directory Service or just use IAM groups and roles directly. I'll have to think this through a bit more.
upvoted 0 times
...
Gabriele
5 months ago
Whoa, this is a lot of different configurations to do. NAT, NTP, DHCP, SSH - that's a lot to remember. I'm not sure I'm going to be able to get all of these right on the exam. Maybe I should focus on just one or two and try to really nail those down.
upvoted 0 times
...
Ligia
5 months ago
Hmm, I'm not totally sure, but I think the Security Profile can block or allow traffic after it is matched to a Security policy rule that allows traffic. That seems to make the most sense to me.
upvoted 0 times
...
Sheldon
5 months ago
I'm a bit confused on this one. If the user's sign-in is correct, disabling custom error messages or creating a new one doesn't seem like it would solve the issue. I think I'd go with enabling the diagnostic tools in Lifecycle Services to try and get to the root of the problem.
upvoted 0 times
...
Murray
5 months ago
Hmm, I'm a bit unsure about this one. I know PROC PRINT has a lot of different options, but I can't quite remember which one is for displaying variable labels. I'll have to think this through carefully.
upvoted 0 times
...
Rasheeda
5 months ago
The key is to create an intermediary task with a 12-hour duration between the glassing and painting tasks. That way, the painting can start right after the 12-hour maintenance period.
upvoted 0 times
...
Keneth
10 months ago
I bet the exam writers are chuckling to themselves, thinking 'Let's see if they can resist the temptation of those individual IAM users!'
upvoted 0 times
Hector
9 months ago
C) AWS identity and Access Management groups
upvoted 0 times
...
Peggy
9 months ago
A) AWS Directory Service AD connector
upvoted 0 times
...
...
Carey
10 months ago
Hah, imagine if we tried to just add the developers as individual IAM users. That would be a nightmare to manage! Good thing we've got the group and role-based approach.
upvoted 0 times
...
Roy
10 months ago
Wait, do we need to create a whole new directory service with Simple AD? I thought the AD Connector would do the trick. Oh well, better to have options, I guess.
upvoted 0 times
Corrie
10 months ago
C) AWS identity and Access Management groups
upvoted 0 times
...
Elliott
10 months ago
A) AWS Directory Service AD connector
upvoted 0 times
...
...
Gladys
11 months ago
Yeah, the AD groups are the key here. We'll use the AWS Directory Service AD Connector to link our on-prem AD to AWS, and then assign the IAM roles based on those AD groups. Seems straightforward enough.
upvoted 0 times
...
Willow
11 months ago
Hmm, looks like I need to use both AWS IAM roles and AD groups to give the developers the access they need. The AD groups will map to the IAM roles, right?
upvoted 0 times
Thea
9 months ago
It's a secure and efficient way to give developers access to the AWS Management Console.
upvoted 0 times
...
Belen
10 months ago
Exactly, that way we can manage access control based on the roles assigned to the AD groups.
upvoted 0 times
...
Hermila
10 months ago
So, we will use AWS IAM roles to define the permissions and AD groups to assign users to those roles.
upvoted 0 times
...
Malcom
10 months ago
Yes, you are correct. Using AWS IAM roles and AD groups is the way to go.
upvoted 0 times
...
...
Myong
11 months ago
I'm not sure about this. Can someone explain why we need both IAM groups and roles for developers to access the AWS console?
upvoted 0 times
...
Jackie
11 months ago
I agree with Timmy. Using IAM groups and roles will allow developers to access the AWS console based on their permissions.
upvoted 0 times
...
Timmy
11 months ago
I think the correct answers are C) AWS identity and Access Management groups and D) AWS identity and Access Management roles.
upvoted 0 times
...

Save Cancel