AWS Certified Solutions Architect – Professional SAP-C01 – Question173

The CFO of a company wants to allow one of his employees to view only the AWS usage report page.
Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?

A.
"Effect": "Allow", "Action": ["Describe"], "Resource": "Billing"
B. "Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"
C. "Effect": "Allow", "Action": ["aws-portal: ViewUsage"], "Resource": "*"
D. "Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"

Correct Answer: C

Explanation:

Explanation: AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be as given below:
{
“Version”: “2012-10-17”,
“Statement”:
[ {
“Effect”: “Allow”,
“Action”: [ “aws-portal:ViewUsage” ],
“Resource”: “*”
} ]
}
Reference:
http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing…