Home › Forums › AWS › AWS Certified Security – Specialty › KMS policy question
-
KMS policy question
-
I have a question
regarding one of the questions. Please find attached screenshot.I was surprised and confused because I thought only the root user should have access. I asked also Google Bard and I got the reply from the other screenshot.
ChatGPT gave me similar reply. Could you confirm this is not a mistake by your side?
-
Hello sysroute,
Thanks for your feedback.
It’s important to remember that while AIs like ChatGPT and Bard can provide useful information, they may not always capture the full range of nuances in certain topics.
In the given policy, the ‘root’ in the Principal’s ARN does not pertain to the root user of the account. Rather, it grants root access to any Identity within the account, provided they have the necessary permissions.
Here’s a link to an AWS document that supports this statement.
https://repost.aws/knowledge-center/kms-prevent-access
Let me know if this helps.
Regards,
Carlo @ Tutorials Dojo
Log in to reply.