Answer-first summary for fast verification
Answer: Attach a least privilege IAM policy to the groups
The most secure way to grant permissions to new users in IAM groups is by creating an IAM policy that grants least privilege permission and attaching the policy to the IAM groups. This ensures that users are given only the permissions necessary to perform their tasks, adhering to the principle of least privilege. IAM policies are flexible and can be tailored to fit specific needs, which provides a secure and efficient way to manage user permissions as compared to other options.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In anticipation of rapid company growth, a solutions architect plans to configure AWS permissions for new users by organizing them into IAM groups based on department. What is the most secure method to assign permissions to these new IAM groups?
A
Implement service control policies (SCPs) for access management
B
Assign IAM roles with least privilege access to the groups
C
Attach a least privilege IAM policy to the groups
D
Use IAM roles with a permissions boundary for maximum access definition