AWS Certified Developer Associate (#202)

A Developer needs temporary access to resources in a second account. What is the MOST secure way to achieve this?

Use the Amazon Cognito user pools to get short-lived credentials for the second account.
Create a dedicated IAM access key for the second account, and send it by mail.
Create a cross-account access role, and use
sts:AssumeRole
API to get short-lived credentials.
Establish trust, and add an SSH key for the second account to the IAM user.