Ends in
00
days
00
hrs
00
mins
00
secs
SHOP NOW

Get $3 OFF ALL CCP, SAA, CDA, and SysOps Video Courses!

Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Professional Clarification on Review Mode 2 Question 65 Reply To: Clarification on Review Mode 2 Question 65

  • Neil-TutorialsDojo

    Member
    July 5, 2024 at 9:43 am

    Hi SalientListener,

    Good day!

    Thank you for your feedback.

    To clarify why option (3) is correct, it is because it follows the correct sequence in conjunction with option (1). This means that it still uses an identity broker. The application first authenticates against LDAP to retrieve the name of an IAM role associated with the user and then assumes that role via a call to IAM Security Token Service (STS). The temporary credentials from this role allow access to the appropriate S3 bucket.

    Option (2) is incorrect because, as explained in its explanation, it doesn’t follow the necessary sequence. It implies a direct interaction with STS without appropriately leveraging the identity broker to mediate the authentication process with LDAP.

    I hope this clarifies the reasoning behind the correct answers. If you have more clarifications, pls let us know.

    Regards,
    Neil @ Tutorials Dojo