IAM users do not have permission to create Temporary Security Credentials for federated users and roles by default. In contrast, IAM users can call __________ without the need of any special permissions
Suggested Answer:C🗳️
Currently the STS API command GetSessionToken is available to every IAM user in your account without previous permission. In contrast, the GetFederationToken command is restricted and explicit permissions need to be granted so a user can issue calls to this particular Action. Reference: http://docs.aws.amazon.com/STS/latest/UsingSTS/STSPermission.html
The correct answer is C. GetSessionToken.
IAM users can call the GetSessionToken API without needing any special permissions by default. The GetSessionToken operation allows IAM users to request temporary security credentials, also known as session tokens, for themselves. These session tokens can be used to authenticate and authorize requests to AWS services.
By calling GetSessionToken, IAM users can obtain temporary credentials that have a limited duration, typically one hour. These temporary credentials can then be used to access AWS resources based on the permissions assigned to the IAM user.
On the other hand, GetFederationToken is used by IAM users or AWS account root users to request temporary security credentials for federated users or roles they assume. It requires specific permissions to be granted to the IAM user or the AWS account root user.
Therefore, the correct answer is C. GetSessionToken.
Explanation/Reference:
Currently the STS API command GetSessionToken is available to every IAM user in your account without previous permission. In contrast, the GetFederationToken command is restricted and explicit permissions need to be granted so a user can issue calls to this particular Action. http:// docs.aws.amazon.com/STS/latest/UsingSTS/STSPermission.html
C is correct
Answer is C.
GetFederationToken - Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user.
https://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html
GetSessionToken - Returns a set of temporary credentials for an AWS account or **IAM user**.
QS: In contrast, **IAM** users can call__________. So, answer is C.
IAM users can also call GetSessionToken to create temporary security credentials. No permissions are required for a user to call GetSessionToken
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_enable-create.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
amministrazione
8 months, 3 weeks agoSkyZeroZx
1 year, 10 months agoSizuma
2 years, 8 months agocldy
3 years, 5 months agoKinnam
3 years, 6 months agolittlecurly
3 years, 6 months agoExam_boy
3 years, 7 months ago01037
3 years, 6 months ago