PrepAway - Latest Free Exam Questions & Answers

What does this policy statement entitle the user to perform?

An organization (Account ID 123412341234. has attached the below mentioned IAM policy to a
user. What does this policy statement entitle the user to perform?
“Statement”: [
{
“Sid”: “AllowUsersAllActionsForCredentials”,
“Effect”: “Allow”,
“Action”: [
“iam:*AccessKey*”,
],
“Resource”: [“arn:aws:iam:: 123412341234:user/${aws:username}”]
} ]

PrepAway - Latest Free Exam Questions & Answers

A.
0

B.
0

C.
0

D.
0

Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage
users and user permissions for various AWS services. If the organization (Account ID
123412341234. wants some of their users to manage keys (access and secret access keys. of all
IAM users, the organization should set the below mentioned policy which entitles the IAM user to
modify keys of all IAM users with CLI, SDK or API.
“Statement”: [
{
“Sid”: “AllowUsersAllActionsForCredentials”,
“Effect”: “Allow”,
“Action”: [
“iam:*AccessKey*”,
],
“Resource”: [“arn:aws:iam:: 123412341234:user/${aws:username}”]
}]

2 Comments on “What does this policy statement entitle the user to perform?

  2. Stan says:

    A. The policy allows the IAM user to modify all IAM user’s credentials using the console, SDK, CLI or APIs
    B. The policy will give an invalid resource error
    C. The policy allows the IAM user to modify all credentials using only the console
    D. The policy allows the user to modify all IAM user’s password, sign in certificates and access keys using only CLI, SDK or APIs

    Answer is D




    0



    0

Leave a Reply

Your email address will not be published. Required fields are marked *