A company is migrating its applications to the AWS Cloud. Each application will reside in its own AWS account after the migration. The applications will be hosted on Amazon EC2 Linux instances that need to be accessed through the shell for administration. The company’s administrators want to use the AWS CLI from their laptops to interact with AWS and the EC2 instances. The company is concerned that SSH access keys might be lost or become public. The company wants to avoid using long-term keys. Which combination of steps should a solutions architect recommend to meet these requirements? (Choose three.)

Topic #: - All AWS Certified Solutions Architect - Professional Questions

A. Create subaccounts and cross-account roles for each of the applications. Create users. Assign cross-account roles to the users. Provide users with their initial credentials. B Configure AWS Single Sign-On. Create users. Assign the users the permission sets for the application accounts that they need to access. Provide users with their initial credentials.
B. Use AWS Systems Manager Session Manager to obtain shell access to the EC2 instances.
C. Create an organization in AWS Organizations with all features enabled to manage the accounts. Create subaccounts to host each of the applications.
D. Create an AWS Lambda function to rotate user access keys every 30 days.
E. Create an AWS Lambda function to rotate SSH keys for the EC2 instances every 30 days.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Reference Material:

Suggested Answer:

Reference Material:

Share this post

Join the Discussion