The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of
the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?
A.
“Effect”: “Allow”, “Action”: [“Describe”], “Resource”: “Billing”
B.
“Effect”: “Allow”, “Action”: [“AccountUsage], “Resource”: “*”
C.
“Effect”: “Allow”, “Action”: [“aws-portal:ViewUsage”], “Resource”: “*”
D.
“Effect”: “Allow”, “Action”: [“aws-portal: ViewBilling”], “Resource”: “*”
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user
permissions for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy
for that IAM user will be as given below:
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: [
“aws-portal:ViewUsage”
],
“Resource”: “*”
}]}
C. But I think the correct answer is C and D, together
http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html#example-billing-view-reports
0
0
The question specifies usage report, not billing report
0
0
C
From the policy generator,
“Action”: [
“aws-portal:ViewUsage”
],
0
0
The correct answer is: C) “Effect”: “Allow”, “Action”: [“aws-portal:ViewUsage”], “Resource”: “*”
0
0
c
0
0
“Effect”: “Allow”, “Action”: [“aws-portal:ViewUsage”,” aws-portal:ViewBilling”], “Resource”: “*”
0
0