Home › AWS DevOps Pro › cloudcomputing › dopsecurity › Which AWS service issues temporary, expiring sec…
Which AWS service issues temporary, expiring security tokens to assume roles (cross-account, federated, or via web identity)?
AAmazon RDS
BAWS Snowball
CAWS Security Token Service (STS)
DAmazon Route 53
Answer & Solution
Correct answer: C. AWS Security Token Service (STS)
STS is AWS's short-lived-credential issuer (per DOP-C02 §6.1). The others aren't credential services.
Related questions
Which AWS feature provides graph-based investigation of security findings to determine theWhich AWS feature lets a DevOps engineer apply preventive guardrails across an entire AWS Which AWS service automatically discovers and classifies sensitive data (PII, credentials,Which AWS service aggregates findings from GuardDuty + Inspector + IAM Access Analyzer + MWhich AWS service continuously analyses CloudTrail + VPC Flow + DNS logs with ML and threaWhich AWS service issues and rotates public TLS certificates for AWS load balancers, CloudWhich AWS service provides dedicated FIPS 140-2 Level 3 hardware HSMs for tenants with strWhich AWS service creates and rotates customer-managed encryption keys with IAM-controlled