New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon DVA-C02 Exam - Topic 7 Question 25 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 25
Topic #: 7
[All DVA-C02 Questions]

A developer must use multi-factor authentication (MFA) to access data in an Amazon S3 bucket that is in another AWS account. Which AWS Security Token Service (AWS STS) API operation should the developer use with the MFA information to meet this requirement?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS STS AssumeRole:The central operation for assuming temporary security credentials, commonly used for cross-account access.

MFA Integration:TheAssumeRolecall can include MFA information to enforce multi-factor authentication.

Credentials for S3 Access:The returned temporary credentials would provide the necessary permissions to access the S3 bucket in the other account.


AWS STS AssumeRole Documentation:https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html

by Pete at Apr 29, 2024, 12:36 AM

Limited Time Offer

25%

Off

Get Premium DVA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Margart
3 months ago
Surprised that it's not just AssumeRole!
upvoted 0 times
...
Thad
3 months ago
I thought GetFederationToken was the way to go.
upvoted 0 times
...
Rodolfo
3 months ago
Wait, is AssumeRoleWithWebidentity even relevant here?
upvoted 0 times
...
Elza
4 months ago
Totally agree, that's the right choice!
upvoted 0 times
...
Mila
4 months ago
Gotta use AssumeRoleWithSAML for MFA access.
upvoted 0 times
...
Lilli
4 months ago
I feel like I saw something about GetFederationToken in a practice exam, but I can't remember if it was the right choice for MFA scenarios.
upvoted 0 times
...
Vicente
4 months ago
I have a vague memory that AssumeRoleWithWebidentity is more for web applications, so I don't think that's it.
upvoted 0 times
...
Lynette
4 months ago
I remember practicing a question about using MFA with STS, and I feel like AssumeRoleWithSAML could be relevant, but I can't recall the details.
upvoted 0 times
...
Laurel
5 months ago
I think the answer might be D, AssumeRole, but I'm not entirely sure if it requires MFA specifically.
upvoted 0 times
...
Gene
5 months ago
I think the answer is AssumeRole, since that's the most common STS operation and it supports MFA. But I'm not 100% sure, so I'll double-check the details.
upvoted 0 times
...
Audra
5 months ago
Okay, the key here is that the developer needs to use MFA to access the data. That means they'll need to use one of the STS operations that supports MFA.
upvoted 0 times
...
Pamella
5 months ago
Hmm, I'm not entirely sure about the differences between all the STS operations. I'll need to think this through carefully.
upvoted 0 times
...
Aileen
5 months ago
This looks like a pretty straightforward question about AWS STS operations. I'm pretty confident I can figure this out.
upvoted 0 times
...
Corinne
5 months ago
I'm a bit confused by the different STS operations and when to use each one. I'll need to review the documentation to make sure I understand the differences.
upvoted 0 times
...
Katina
5 months ago
Hmm, I'm not totally sure about this one. I know we need to manage large sets of Vulnerable items, but I'm not familiar with the different options like Vulnerability Groups, Calculator Group, or Filter Group. I'll have to think this through carefully.
upvoted 0 times
...
Ira
5 months ago
I feel like I saw something about these in a similar question, maybe Service Composability is among them too?
upvoted 0 times
...
Sherron
2 years ago
Yes, you’re right. AssumeRole is the best suited for MFA in such cross-account scenarios.
upvoted 0 times
...
Luisa
2 years ago
But doesn't AssumeRole alone require additional permissions? MFA info should specifically be used with AssumeRole.
upvoted 0 times
...
Meaghan
2 years ago
Hmm, AssumeRoleWithSAML is for SAML-based authentication. I think it's AssumeRole.
upvoted 0 times
...
Fletcher
2 years ago
I think the correct answer is AssumeRoleWithSAML.
upvoted 0 times
...
Luisa
2 years ago
Yeah, it's about accessing Amazon S3 from another AWS account.
upvoted 0 times
...
Sherron
2 years ago
This is a tricky question about multi-factor authentication.
upvoted 0 times
...

Save Cancel