The _____ policy template gives the Admins group permis…

IAM provides several policy templates you can use to automatically assign permissions to the groups you
create. The _____ policy template gives the Admins group permission to access all account resources, except
your AWS account information

IAM provides several policy templates you can use to automatically assign permissions to the groups you
create. The _____ policy template gives the Admins group permission to access all account resources, except
your AWS account information

A.
Read Only Access

B.
Power User Access

C.
AWS Cloud Formation Read Only Access

D.
Administrator Access

Explanation:
AWS managed policies are designed to provide permissions for many common use cases. For example, there
are AWS managed policies that define typical permissions for administrators (all access), for power users (all
access except IAM), and for other various levels of access to AWS services. AWS managed policies make it
easier for you to assign appropriate permissions to users, groups, and roles than if you had to write the policies
yourself.
http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html



Leave a Reply 6

Your email address will not be published. Required fields are marked *


vv

vv

No D, read explanation.

Venu

Venu

Power users are ones who have full access to AWS services but management of IAM users ,groups is not allowed to them.

But root users have access to manage IAM users and groups

Ans Power user

Jeremy Stones

Jeremy Stones

It’s D. It’s not talking about IAM, AWS account information is about account’s contact information, payment currency etc. You don’t need your AWS administrator to access that. But you need them to have all other access, including IAM – ability to create users etc. A power user cannot access IAM at all, but that’s not what the question is asking.

Steve

Steve

This is the whole idea behind the strong recommendation that you create an Administrator level IAM user and always use that account instead of your root account.