ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 79 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 79
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

Which is a valid Amazon Resource name (ARN) for IAM?

  • A. aws:iam::123456789012:instance-profile/Webserver
  • B. arn:aws:iam::123456789012:instance-profile/Webserver
  • C. 123456789012:aws:iam::instance-profile/Webserver
  • D. arn:aws:iam::123456789012::instance-profile/Webserver
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
IAM ARNs -
Most resources have a friendly name (for example, a user named Bob or a group named Developers). However, the access policy language requires you to specify the resource or resources using the following Amazon Resource Name (ARN) format. arn:aws:service:region:account:resource
Where:
service identifies the AWS product. For IAM resources, this is always iam. region is the region the resource resides in. For IAM resources, this is always left blank. account is the AWS account ID with no hyphens (for example, 123456789012). resource is the portion that identifies the specific resource by name.
You can use ARNs in IAM for users (IAM and federated), groups, roles, policies, instance profiles, virtual MFA devices, and server certificates
. The following table
shows the ARN format for each and an example. The region portion of the ARN is blank because IAM resources are global.
by miracle at Feb. 22, 2020, 8:31 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
amministrazione
8 months, 2 weeks ago
B. arn:aws:iam::123456789012:instance-profile/Webserver
upvoted 1 times
...
jj22222
3 years, 1 month ago
Selected Answer: B
B. arn:aws:iam::123456789012:instance-profile/Webserver
upvoted 1 times
...
HellGate
3 years, 3 months ago
I need explanation on using two :, why use "::" before account? It's even not mentioned on regular ARN format.
upvoted 1 times
HellGate
3 years, 3 months ago
I got it... region is always blank for IAM resource. It's not two :, there's blank for resource.
upvoted 3 times
...
...
01037
3 years, 6 months ago
B is correct
upvoted 1 times
...
cldy
3 years, 6 months ago
B. ARN format -> arn:aws:service:region:account:resource
upvoted 2 times
...
ExtHo
3 years, 7 months ago
AM ARNs Most resources have a friendly name (for example, a user named Bob or a group named Developers). However, the permissions policy language requires you to specify the resource or resources using the following Amazon Resource Name (ARN) format. arn:partition:service:region:account:resource Where: partition identifies the partition that the resource is in. For standard AWS Regions, the partition is aws. If you have resources in other partitions, the partition is aws-partitionname. For example, the partition for resources in the China (Beijing) Region is aws-cn. You cannot delegate access between accounts in different partitions. service identifies the AWS product. For IAM resources, this is always iam. region is the Region the resource resides in. For IAM resources, this is always kept blank. account is the AWS account ID with no hyphens (for example, 123456789012). resource is the portion that identifies the specific resource by name.
upvoted 2 times
...
miracle
3 years, 7 months ago
Answer is B
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago