Amazon Exam BDS-C00 Topic 5 Question 79 Discussion

Actual exam question for Amazon's BDS-C00 exam

Question #: 79
Topic #: 5

You are managing the AWS account of a big organization. The organization has more than

1000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?

AThe user should create a separate IAM user for each employee and provide access to them as per the policy

BThe user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server

CThe user should create IAM groups as per the organization's departments and add each user to the group for better access control

DAttach an IAM role with the organization's authentication service to authorize each user for various AWS services

Show Suggested Answer

Suggested Answer: B

by Annabelle at Aug 29, 2023, 11:49 AM

Limited Time Offer

25%

Off

Get Premium BDS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Erinn

2 months ago

If I had to manage over 1000 IAM users, I'd need a lot of coffee and a strong sense of patience. Option C is definitely the sanest choice.

upvoted 0 times

Bernardo

21 hours ago

I agree, managing individual IAM users for over 1000 employees would be a nightmare. Grouping them by department is the way to go.

upvoted 0 times

...

Shakira

3 days ago

Option C is definitely the best choice. Creating IAM groups for each department will make access control much easier.

upvoted 0 times

...

Freeman

2 months ago

Option C is the way to go. Grouping users by department is like herding cats, but it's the most efficient solution for this scenario.

upvoted 0 times

Ezekiel

6 days ago

Attaching an IAM role with the organization's authentication service might be too complex for this scenario.

upvoted 0 times

...

Toi

8 days ago

Creating separate IAM users for each employee would be too cumbersome in this case.

upvoted 0 times

...

Maybelle

24 days ago

I agree, grouping users by department will make it easier to manage access control.

upvoted 0 times

...

Marilynn

2 months ago

I like how option B uses STS to authenticate users on the EC2 instance. That's a clever way to handle a large user base.

upvoted 0 times

...

Angella

2 months ago

That's a valid point, but I still think option C would be more efficient for managing access permissions for a large organization with over 1000 employees.

upvoted 0 times

...

Gregoria

2 months ago

Option A is way too much work for a company with over 1000 employees. Imagine creating and managing all those individual IAM users! No thanks!

upvoted 0 times

Julian

1 months ago

C) The user should create IAM groups as per the organization's departments and add each user to the group for better access control

upvoted 0 times

...

Loren

2 months ago

A) The user should create a separate IAM user for each employee and provide access to them as per the policy

upvoted 0 times

...

Sanda

2 months ago

Option D seems like a good idea too. Integrating the organization's authentication service with IAM roles could simplify the process and improve security.

upvoted 0 times

Winfred

1 months ago

D) Attach an IAM role with the organization's authentication service to authorize each user for various AWS services

upvoted 0 times

...

Jenelle

1 months ago

C) The user should create IAM groups as per the organization's departments and add each user to the group for better access control

upvoted 0 times

...

Daniel

1 months ago

A) The user should create a separate IAM user for each employee and provide access to them as per the policy

upvoted 0 times

...

Selma

2 months ago

I disagree, I believe option A is more suitable as it provides individual access to each employee and ensures better security measures.

upvoted 0 times

...

Arlene

2 months ago

I think option C is the best solution. Creating IAM groups based on the organization's departments and adding each user to the appropriate group will make it easier to manage access control.

upvoted 0 times

...

Angella

3 months ago

I think option C is the best solution because it allows for better access control by organizing users into groups based on departments.

upvoted 0 times

...