-
Identity federation with S3
updated 2 years, 8 months ago
2 Members
·
2
Posts
-
29. QUESTION
Category: CSAA – Design Secure Applications and Architectures
A tech company that you are working for has undertaken a Total Cost Of Ownership (TCO) analysis evaluating the use of Amazon S3 versus acquiring more storage hardware. The result was that all 1200 employees would be granted access to use Amazon S3 for storage of their personal documents.
Which of the following will you need to consider so you can set up a solution that incorporates single sign-on feature from your corporate AD or LDAP directory and also restricts access for each individual user to a designated user folder in an S3 bucket? (Select TWO.)
The correct answer is,
– Setup a Federation proxy or an Identity provider
– Setup an AWS Security Token Service to generate temporary tokens
– Configure an IAM role and an IAM Policy to access the bucket.
I agree with all the above answer but restricting users to access only their folder is not covered here, please check and clarify me.
-
Hello pskarthic,
I see what you mean. Take note that in the actual exam especially at the associate levels, answers are rather simple, meets the minimum requirement that answers the objective, and sometimes do not factor in the detailed steps. These are some nuances that we are trying to replicate. And we do this to give our users a good impression of how the actual exam looks like.
Let me know what you think.
Regards,
Carlo @ Tutorials Dojo
Log in to reply.