ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 226 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 226
Topic #: 1
[All AWS Certified Developer Associate Questions]

A developer is writing an IAM policy document that grants administrator access to AWS Key Management Service (AWS KMS) for a federated user. The federated IAM role name is FederatedIAMRole. The user name is KeyAdmin.

How should the developer set the principal in the KMS key policy to meet these requirements?

  • A. “Principal”: { “AWS”: “arn:aws:sts::123456789012:role/FederatedIAMRole/KeyAdmin” }
  • B. “Principal”: { “AWS”: “arn:aws:sts::123456789012:user/FederatedIAMRole/KeyAdmin” }
  • C. “Principal”: { “AWS”: “arn:aws:sts::123456789012:user/KeyAdmin” }
  • D. “Principal”: { “AWS”: “arn:aws:sts::123456789012:assumed-role/FederatedIAMRole/KeyAdmin” }
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by k1kavi1 at Nov. 25, 2022, 2:15 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rcaliandro
1 year, 10 months ago
I don't know XD
upvoted 1 times
...
davdan99
2 years, 2 months ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-role-session
upvoted 3 times
...
vichy
2 years, 3 months ago
all answers are wrong - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#sts-session-principals
upvoted 2 times
...
Phinx
2 years, 3 months ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-roles
upvoted 1 times
...
Pepepep
2 years, 3 months ago
I would go with D. From the link below: The active session of someone assuming the role of "Accounting-Role", with a role session name of "Mary": arn:aws:sts::123456789012:assumed-role/Accounting-Role/Mary https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html
upvoted 1 times
...
fabriciollf
2 years, 4 months ago
Selected Answer: D
"Principal": { "AWS": "arn:aws:sts::AWS-account-ID:assumed-role/role-name/role-session-name" }
upvoted 3 times
...
HieuTT
2 years, 4 months ago
"Principal": { "AWS": "arn:aws:sts::AWS-account-ID:federated-user/user-name" }
upvoted 3 times
...
lrom
2 years, 5 months ago
Selected Answer: D
I think D, this is federated user as denoted by prefix "arn:aws:sts:" present in all choice.
upvoted 3 times
...
michaldavid
2 years, 5 months ago
Selected Answer: C
I believe it's C
upvoted 1 times
...
k1kavi1
2 years, 5 months ago
Selected Answer: C
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html
upvoted 1 times
Phinx
2 years, 3 months ago
it's D based on the link you provided.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago