ExamGecko
Search Search Login
Home Home / Amazon / CLF-C02
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which AWS service gives users on-demand, sell-service access to AWS compliance control reports?
Which AWS service provides storage-optimized and compute-optimized device configurations?
A company is running a reporting web server application on Amazon EC2 instances. The application runs once every week and once again at the end of the month. The EC2 instances can be shut down when they are not in use. What is the MOST cost-effective billing model for this use case?
A company needs to manage multiple logins across AWS accounts within the same organization in AWS Organizations. Which AWS service should the company use to meet this requirement?
Which design principle aligns with performance efficiency pillar of the AWS Well-Architected Framework?
According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO.)
Which AWS service can create a private network connection from on premises to the AWS Cloud?
Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required?
A company purchased Amazon EC2 Standard Reserved Instances (Rls) for a workload in the AWS Cloud. The company needs to move part of the workload to an instance family that does not match the instance family of these Standard RIs. How can the company take advantage of the Standard RIs that it no longer needs?
Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Select TWO.)

Question 497 - CLF-C02 discussion

Report
Export

A company has teams that have different job roles and responsibilities. The company's employees often change teams. The company needs to manage permissions for the employees so that the permissions are appropriate for the job responsibilities.

Which IAM resource should the company use to meet this requirement with the LEAST operational overhead?

A.
IAM user groups
Answers
A.
IAM user groups
B.
IAM roles
Answers
B.
IAM roles
C.
IAM instance profiles
Answers
C.
IAM instance profiles
D.
IAM policies for individual users
Answers
D.
IAM policies for individual users
Suggested answer: B

Explanation:

IAM roles are a way of granting temporary permissions to entities that need to access AWS resources, such as users, applications, or services. IAM roles allow customers to assign permissions to entities without having to create or manage IAM users or credentials for them. IAM roles can be assumed by different entities depending on the trust policy attached to the role. For example, IAM roles can be assumed by IAM users in the same or different AWS accounts, AWS services such as EC2 or Lambda, or external identities such as federated users or web identities. IAM roles can also be switched by IAM users to temporarily change their permissions. IAM roles are recommended for managing permissions for employees who often change teams, because they allow customers to define permissions based on job roles and responsibilities, and easily assign or revoke them as needed. IAM roles also reduce the operational overhead of creating, updating, or deleting IAM users or credentials for each employee or team change.

Show Answer
asked 16/09/2024
Jenny Silva
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms