AWS Identity and Access Management (IAM) is used to manage access to AWS services and resources securely. With IAM, you can create and manage AWS users and groups, and define the permissions (policies) that grant access to specific AWS resources and actions. By assigning appropriate IAM permissions to users and groups, you can control what actions they can perform on Amazon EC2 instances and other AWS resources.
This question is worded wrong which makes it more vague. IAM gives permission to EC2 to use/access different AWS services ( IAM doesn't go inside the EC2 instance and interfere with internal system because its "customer" responsibility)
The task that a user can complete by using AWS Identity and Access Management (IAM) is:
D. Grant permissions to applications that run on Amazon EC2 instances.
Explanation:
AWS Identity and Access Management (IAM) is a web service that enables Amazon Web Services (AWS) customers to manage access to AWS services and resources securely. IAM enables you to create and manage AWS users and groups, and to grant permissions to access AWS resources. With IAM, you can control who can access your AWS resources, and what actions they can perform on those resources. IAM also enables you to set up access policies that grant permissions to AWS resources based on attributes such as user name, group membership, or tags. By using IAM, you can grant permissions to applications that run on Amazon EC2 instances, and control which AWS resources those applications can access.
Grant permissions to applications that run on Amazon EC2 instances.
You don't grant permissions to applications. You grant permissions to users to use a certain application. So how is D correct?
With AWS Identity and Access Management (IAM), you can specify who or what can access services and resources in AWS, centrally manage fine-grained permissions, and analyse access to refine permissions across AWS.
Granular permissions:
You can grant different permissions to different people for different resources. For example, you might allow some users complete access to Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), Amazon DynamoDB, Amazon Redshift, and other AWS services. For other users, you can allow read-only access to just some S3 buckets, or permission to administer just some EC2 instances, or to access your billing information but nothing else.
https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Purine
1 year, 1 month agoPranava_GCP
1 year, 9 months agoman5484
1 year, 10 months agotester0071
1 year, 11 months agoGuru4Cloud
2 years, 1 month agoGenius072398
2 years, 3 months agoOnyejicash
2 years, 3 months agoSaif93
2 years, 3 months agowooyourdaddy
2 years, 5 months ago