AWS Certified SysOps Administrator SOA-C01 – Question126

An organization (Account ID 123412341234. has attached the below mentioned IAM policy to a user. What does this policy statement entitle the user to perform?


A.
The policy allows the IAM user to modify all IAM users’ access keys using the console, SDK, CLI or APIs
B. The policy allows the IAM user to modify all IAM users’ credentials using the console, SDK, CLI or APIs
C. The policy allows the IAM user to modify all credentials using only the console
D. The policy allows the IAM user to modify the IAM user’s own credentials using the console, SDK, CLI or APIs

Correct Answer: A

Explanation:

Explanation: AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the organization (Account ID 123412341234. wants some of their users to manage keys (access and secret access keys. of all IAM users, the organization should set the below mentioned policy which entitles the IAM user to modify keys of all IAM users with CLI, SDK or API.