Home › Forums › AWS › AWS Certified Solutions Architect Associate › Incorrect question & answer › Reply To: Incorrect question & answer
-
Hello Aiqing,
Thank you for raising this. Yes, you are correct. The second correct answer should be “Set up a one-way trust where the new Active Directory in AWS trusts the existing on-premises Active Directory.”
This setup ensures that users in the on-premises Active Directory can access and manage AWS resources, such as RDS databases and EC2 instances, without allowing AWS-based users access to on-premises systems. This configuration aligns with the organization’s security policy by keeping cloud-based users in a separate authentication domain, thus preventing unauthorized access to sensitive on-premises systems. A one-way trust in this direction provides the necessary control and security, allowing on-premises administrators to manage cloud resources securely.
We have already updated this item, and it should reflect soon. If you need further assistance, please don’t hesitate to contact us.
Regards,
Nikee @ Tutorials Dojo