A root AWS account owner has created three IAM users: Bob, John and Michael. Michael is the IAM administrator. Bob
and John are not the superpower users, but users with some pre-defined policies. John does not have access to modify
his password. Thus, he asks Bob to change his password. How can Bob change John’s password?
A.
This statement is false. It should be Michael who changes the password for John
B.
It is not possible that John cannot modify his password
C.
Provided Bob is the manager of John
D.
Provided Michael has added Bob to a group, which has permissions to modify the IAM passwords
Explanation:
Generally with IAM users, the password can be modified in two ways. The first option is to define the IAM level policy
which allows each user to modify their own passwords. The other option is to create a group and create a policy for the
group which can change the passwords of various IAM users.
http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
D
D