Home/amazon aws/Free AWS DVA-C02 Actual Exam Questions/Question 15

Free AWS DVA-C02 Actual Exam Questions - Question 15 Discussion

Question No. 15

A developer must use multi-factor authentication (MFA) to access data in an Amazon S3 bucket that
is in another AWS account. Which AWS Security Token Service (AWS STS) API operation should the
developer use with the MFA information to meet this requirement?

Select one option, then reveal solution.

Andre X.

2026-02-19

It’s D because AssumeRole lets you pass MFA tokens directly for cross-account access without needing web identity or SAML setup. The others are more for federated users, so they don’t fit here.

Andre X.

2026-02-19

Maybe D here too, since AssumeRole lets you pass MFA tokens when switching roles across accounts. The others seem more tied to web identity or SAML federation, which the question doesn’t mention.

James U.

2026-02-13

D/C? AssumeRole is common for cross-account access with MFA, but AssumeRoleWithSAML also supports MFA if using SAML federation. Depends on the setup, but D seems straightforward for general cross-account role assumption.

Mason L.

2026-02-12

D, because AssumeRole supports MFA when switching roles across accounts.

Mason L.

2026-01-26

B tbh doesn’t fit because GetFederationToken is more for temporary credentials without role assumption. Since the dev needs to access cross-account S3 data with MFA, assuming a role makes more sense.

Hassan V.

2026-01-16

C, AWS X-Ray is usually for tracing Lambda issues.