ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 510 discussion

Exam question from Amazon's AWS-SysOps
Question #: 510
Topic #: 1
[All AWS-SysOps Questions]

AWS IAM permissions can be assigned in two ways:

  • A. as role-based or as resource-based.
  • B. as identity-based or as resource-based.
  • C. as security group-based or as key-based.
  • D. as user-based or as key-based.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Permissions can be assigned in two ways: as identity-based or as resource-based. Identity-based, or IAM permissions, are attached to an IAM user, group, or role and let you specify what that user, group, or role can do. For example, you can assign permissions to the IAM user named Bob, stating that he has permission to use the Amazon Elastic Compute Cloud (Amazon EC2) RunInstances ac-tion and that he has permission to get items from an Amazon DynamoDB table named
MyCompa-ny. The user Bob might also be granted access to manage his own IAM security credentials. Identi-ty-based permissions can be managed or inline.
Resource-based permissions are attached to a resource. You can specify resource-based permissions for Amazon S3 buckets, Amazon Glacier vaults, Amazon
SNS topics, Amazon SQS queues, and AWS Key Management Service encryption keys. Resource-based permissions let you specify who has access to the resource and what actions they can perform on it. Resource-based policies are in-line only, not managed.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/access_permissions.html
by luuthang2011 at March 30, 2022, 1:46 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
albert_kuo
10 months ago
Selected Answer: B
AWS IAM permissions can be assigned in two ways: identity-based and resource-based. Identity-based permissions: These permissions are assigned directly to IAM users, groups, or roles. They define what actions an identity (user, group, or role) can perform on AWS resources. Resource-based permissions: These permissions are attached directly to AWS resources such as S3 buckets, DynamoDB tables, or Lambda functions. They specify who (which identity) has access to the resource and what actions they can perform on it.
upvoted 1 times
...
Finger41
1 year, 10 months ago
Selected Answer: B
B - https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html Identity-based policies – Attach managed and inline policies to IAM identities (users, groups to which users belong, or roles). Identity-based policies grant permissions to an identity. Resource-based policies – Attach inline policies to resources. The most common examples of resource-based policies are Amazon S3 bucket policies and IAM role trust policies. Resource-based policies grant permissions to the principal that is specified in the policy. Principals can be in the same account as the resource or in other accounts.
upvoted 1 times
...
luuthang2011
2 years ago
B. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago