A company's cloud operations team is responsible for building effective security for IAM cross-account access.

Amazon Web Services SCS-C02 Question Answer

A company's cloud operations team is responsible for building effective security for IAM cross-account access. The team asks a security engineer to help troubleshoot why some developers in the developer account (123456789012) in the developers group are not able to assume a cross-account role (ReadS3) into a production account (999999999999) to read the contents of an Amazon S3 bucket (productionapp).The two account policies are as follows:

Which recommendations should the security engineer make to resolve this issue? (Select TWO.)

Ask the developers to change their password and use a different web browser.

Ensure that developers are using multi-factor authentication (MFA) when they log in to their developer account as the developer role.

Modify the production account ReadS3 role policy to allow the PutBucketPolicy action onthe productionapp S3 bucket.

Update the trust relationship policy on the production account S3 role to allow the account number of the developer account.

Update the developer group permissions in the developer account to allow access to the productionapp S3 bucket.

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Summary

Vendor: Amazon Web Services
Product: SCS-C02
Update on: Dec 19, 2025
Questions: 467

Price: $52.5 ~~$149.99~~

Buy Now SCS-C02 PDF + Testing Engine Pack

A security engineer needs to build a solution to turn IAM CloudTrail back on in...

A company uses a third-party identity provider and SAML-based SSO for its AWS accounts.

New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company's cloud operations team is responsible for building effective security for IAM cross-account access.

The Answer Is:

Amazon Web Services SCS-C02 Summary

Payments We Accept

Contact Us