AWS Certified Solutions Architect – Professional SAP-C01 – Question172

In IAM, which of the following is true of temporary security credentials?

A.
Once you issue temporary security credentials, they cannot be revoked.
B. None of these are correct.
C. Once you issue temporary security credentials, they can be revoked only when the virtual MFA device is used.
D. Once you issue temporary security credentials, they can be revoked.

Correct Answer: A

Explanation:

Explanation: Temporary credentials in IAM are valid throughout their defined duration of time and hence can’t be revoked. However, because permissions are evaluated each time an AWS request is made using the credentials, you can achieve the effect of revoking the credentials by changing the permissions for the credentials even after they have been issued.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp…