AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company is migrating its applications from on-premises to the AWS Cloud. The company wants to ensure that the applications are assigned only the minimum permissions that are needed to perform all operations.
Which AWS service will meet these requirements?
Exam-Like
Community
RRitesh
A
AWS Identity and Access Management (IAM)
B
Amazon CloudWatch
C
Amazon Macie
D
Amazon GuardDuty
Explanation:
AWS Identity and Access Management (IAM) is the correct service for this requirement because:
-
IAM is AWS's service for managing access to AWS services and resources securely
-
It follows the principle of least privilege, allowing you to grant only the minimum permissions necessary for applications to perform their required operations
-
You can create IAM roles and policies that define specific permissions for applications
-
IAM enables fine-grained access control through policies that specify exactly what actions are allowed on which resources
Other options explained:
-
Amazon CloudWatch: A monitoring and observability service for AWS resources and applications
-
Amazon Macie: A security service that uses machine learning to discover and protect sensitive data
-
Amazon GuardDuty: A threat detection service that continuously monitors for malicious activity and unauthorized behavior
IAM is specifically designed for access management and permission control, making it the appropriate choice for ensuring applications have only the minimum required permissions.
Comments
Loading comments...