SCS-C02 Domain 3: Identity and Access Management

A hybrid environment must support a goal to rotate access keys automatically without changing application code. What should you implement? rotate access keys automatically.

Multiple choice — select one answer

Answer choices

  1. a. IAM MFA policies
  2. b. IAM Identity Center with external IdP
  3. c. Lambda rotation or eliminate keys with roles
  4. d. IAM permission boundaries

Architectural breakdown & explanation

Prefer roles; rotate keys if required.

Correct answer(s): c. Lambda rotation or eliminate keys with roles

Exam domain: Domain 3: Identity and Access Management (20% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Security – Specialty bank. Run a full timed practice exam with domain-weighted random questions in your browser.