ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 751 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 751
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A solutions architect is designing an AWS Identity and Access Management (IAM) authorization model for a company's AWS account. The company has designated five specific employees to have full access to AWS services and resources in the AWS account.

The solutions architect has created an IAM user for each of the five designated employees and has created an IAM user group.

Which solution will meet these requirements?

  • A. Attach the AdministratorAccess resource-based policy to the IAM user group. Place each of the five designated employee IAM users in the IAM user group.
  • B. Attach the SystemAdministrator identity-based policy to the IAM user group. Place each of the five designated employee IAM users in the IAM user group.
  • C. Attach the AdministratorAccess identity-based policy to the IAM user group. Place each of the five designated employee IAM users in the IAM user group.
  • D. Attach the SystemAdministrator resource-based policy to the IAM user group. Place each of the five designated employee IAM users in the IAM user group.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Andy_09 at Feb. 6, 2024, 6:14 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Linuslin
Highly Voted 10 months, 2 weeks ago
Selected Answer: C
The question says "full access to AWS services and resources in the AWS account" and "created an IAM user group." You can see it is identity-based policy, not resource-based.--->A and D are out. SystemAdministrator: Allow 28 of 412 services.--->B is out. AdministratorAccess: Allow 412 of 412 services.--->C is the correct answer. If you are curious about what a policy can allow for, just log in you AWS account and go to IAM-policies to find out.
upvoted 6 times
...
Scheldon
Highly Voted 9 months, 1 week ago
Selected Answer: C
AnswerC We need identity-based policy and if we will compare System Admin and Administrator Access policy it clear that SysAdmin have is allowing for limited amount of actions, where Admin Access simple allow for all actions. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AdministratorAccess.html https://docs.aws.amazon.com/aws-managed-policy/latest/reference/SystemAdministrator.html
upvoted 6 times
...
NSA_Poker
Most Recent 9 months, 2 weeks ago
Selected Answer: C
(A & D) eliminated. Resource-based policies are attached to a resource NOT an IAM user, group, or role. (B) eliminated. SystemAdministrator has fewer permissions than AdministratorAccess.
upvoted 5 times
...
MattBJ
1 year, 1 month ago
Selected Answer: C
C is the correct answer
upvoted 2 times
...
osmk
1 year, 1 month ago
Selected Answer: C
C>>>https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html
upvoted 3 times
...
osmk
1 year, 1 month ago
C>>>https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html
upvoted 3 times
...
Umuntu
1 year, 1 month ago
C looks correct
upvoted 3 times
...
Andy_09
1 year, 1 month ago
Option C
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago