AWS Certified Developer – Associate (DVA-C02) — Question 360

A company has a development team that uses AWS CodeCommit for version control. The development team has CodeCommit repositories in multiple AWS accounts. The team is expanding to include developers who work in various locations.

The company must ensure that the developers have secure access to the repositories.

Which solution will meet these requirements in the MOST operationally efficient way?

Answer options

• A. Configure IAM roles for each developer and grant access individually.
• B. Configure permission sets in AWS IAM Identity Center to grant access to the accounts.
• C. Share AWS access keys with the development team for direct repository access.
• D. Use public SSH keys for authentication to the CodeCommit repositories.

Correct answer: B

Explanation

AWS IAM Identity Center allows administrators to centrally manage access to multiple AWS accounts using permission sets, making it the most operationally efficient solution for a growing, distributed team. Managing individual IAM roles or public SSH keys across multiple accounts introduces significant administrative overhead and does not scale well. Sharing access keys is a major security risk and violates AWS security best practices.