Get All the Questions Covering Entire Syllabus from here  : 2019 : This material is owned by . Please dont copy its bad Karma

Question-9: You are an owner of the CMKs, which can be used for data encryption. However, you don’t want anybody can use this CMKs. So you will need permissions in place through which you can control who can access the KMS, this permissions are defined in Key policy via Principal. Which of the following principal can be used in IAM Key policy?

  1. IAM User
  2. AWS Root Account
  3. IAM Roles
  4. Selected AWS Services
  5. IAM Groups

Ans: A,B,C,D

Detailed Explanation: Key Policy and Principal: Principal are the main identity which gets permissions, which are specified in Key Policy document for example root user, IAM user, IAM roles and AWS services. But remember IAM groups are not valid principal in a key policy.

All AWS Certification Products, Training, Books and PDF you must use are below

 AWS Developer Certification : Associate Level     AWS Sysops Administrator Certification : Assciate Level      AWS Solution Architect Certification : Associate Level     AWS Soltion Architect : Professional Level    AWS Certified Security Specialty (SCS-C01)     AWS Professional certification Exam        AWS Package Deal      Book : AWS Solution Architect Associate : Little Guide     AWS Security Specialization Certification: Little Guide SCS-C01     AWS Solution Architect : Training Associate