
A company needs to identify unused access that has been granted to users in its AWS accounts. Which AWS service or feature will provide this information?
A. AWS CloudTrail
B. AWS IAM Access Analyzer
C. AWS IAM Identity Center
D. AWS Trusted Advisor
Explanation (correct answer: B):
AWS IAM Access Analyzer is the correct service for identifying unused access granted to users in AWS accounts. Here's why:
- Access analysis: analyzes resource policies and identifies resources that are shared with external entities.
- Unused access detection: identifies IAM roles, users, and permissions that have gone unused over time.
- Policy validation: validates IAM policies against security standards.
- Continuous monitoring: continuously monitors for new or updated access and raises findings as it changes.

Why the other options are wrong:
- AWS CloudTrail: records API activity for auditing and governance purposes, but doesn't specifically identify unused access.
- AWS IAM Identity Center: manages single sign-on access to multiple AWS accounts and applications, but doesn't analyze unused permissions.
- AWS Trusted Advisor: provides cost optimization, performance, security, and fault tolerance recommendations, but doesn't specifically focus on unused access analysis.

In summary, IAM Access Analyzer:
- analyzes resource-based policies across your AWS environment;
- identifies resources shared with external principals;
- provides findings that show where access is granted but potentially unused;
- helps organizations maintain the principle of least privilege by removing unnecessary permissions.
This service is specifically designed to help organizations identify and remediate overly permissive access, making it the ideal choice for this use case.