You're reading from AWS Certified Solutions Architect – Professional Exam Guide (SAP-C02) Gain the practical skills, knowledge, and confidence to ace the AWS (SAP-C02) exam on your first attempt

Product type Paperback

Published in Mar 2024

Publisher Packt

ISBN-13 9781801813136

Length 428 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Computing

Authors (2):

Yohan Wadia

Patrick Sard

View More author details

Table of Contents (23) Chapters

Preface

1. Chapter 1: Determining an Authentication and Access Control Strategy for Complex Organizations

2. Chapter 2: Designing Networks for Complex Organizations FREE CHAPTER

3. Chapter 3: Designing a Multi-Account AWS Environment for Complex Organizations

4. Chapter 4: Ensuring Cost Optimization

5. Chapter 5: Determining Security Requirements and Controls

6. Chapter 6: Meeting Reliability Requirements

7. Chapter 7: Ensuring Business Continuity

8. Chapter 8: Meeting Performance Objectives

9. Chapter 9: Establishing a Deployment Strategy

10. Chapter 10: Designing for Cost Efficiency

11. Chapter 11: Improving Operational Excellence

12. Chapter 12: Improving Reliability

13. Chapter 13: Improving Performance

14. Chapter 14: Improving Security

15. Chapter 15: Improving Deployment

16. Chapter 16: Exploring Opportunities for Cost Optimization

17. Chapter 17: Selecting Existing Workloads and Processes to Migrate

18. Chapter 18: Selecting Migration Tools and Services

19. Chapter 19: Determining a New Architecture for Existing Workloads

20. Chapter 20: Determining Opportunities for Modernization and Enhancements

21. Chapter 21: Accessing the Online Practice Resources

22. Other Books You May Enjoy

Leveraging Access Delegation

You are now going to investigate access delegation. Access delegation is essentially used for the following reasons:

Providing an entity temporary access to resources that they do not have access to with their current privileges. This could be one of the following:
- A user that needs temporarily elevated privileges to perform a specific task
- An application or AWS service that requires specific privileges
Providing an entity access to resources located in another AWS account.

Now, start by examining these cases.

Temporary Access Delegation

Take for instance, the first use case where you need to provide trusted users, applications, or AWS services with temporary security credentials so that they can access your AWS resources. As the name implies, the security credentials that will be provided are temporary, which has the following benefits: