ExamQuestions.com

AWS Certified DevOps Engineer Professional Exam Questions

194 / 500

Question 194:

The company you work for has a huge amount of infrastructure built on AWS. However, there have been some concerns recently about the security of this infrastructure. An external auditor has been given the task of running a thorough check of all of your company's AWS assets. The auditor will be in the USA while your company's infrastructure resides in the Asia Pacific (Sydney) region on AWS. Initially, he needs to check all of your VPC assets, specifically security groups and NACLs. You have been assigned the task of providing the auditor with a login to be able to do this. Which of the following would be the best and most secure solution to provide the auditor to begin his initial investigations? Choose the correct answer from the options below.

Answer options:

A. Create an IAM user tied to an administrator role. Also, provide an additional level of security with MFA.
B. Give him root access to your AWS Infrastructure. Because he is an auditor, he will need access to every service.
C. Create an IAM user who will have read-only access to your AWS VPC infrastructure and provide the auditor with those credentials.
D. Create an IAM user with full VPC access but set a condition that will not allow him to modify anything if the request is from any IP other than his own.