What does the statement allow?

Posted by: Pdfprep Category: SCS-C01 Tags: , , Post Date: December 11, 2020

A Security Engineer who was reviewing AWS Key Management Service (AWS KMS) key policies found this statement in each key policy in the company AWS account.

What does the statement allow?
A . All principals from all AWS accounts to use the key.
B . Only the root user from account 111122223333 to use the key.
C . All principals from account 111122223333 to use the key but only on Amazon S3.
D . Only principals from account 111122223333 that have an IAM policy applied that grants access to this key to use the key.

Answer: D

Explanation:

Reference: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html

Author

Leave a Reply

Your email address will not be published.