Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Security – Specialty KMS policy question

  • KMS policy question

  • sysroute

    Member
    December 4, 2023 at 4:20 pm

    I have a question
    regarding one of the questions. Please find attached screenshot.

    I was surprised and confused because I thought only the root user should have access. I asked also Google Bard and I got the reply from the other screenshot.

    ChatGPT gave me similar reply. Could you confirm this is not a mistake by your side?

  • Carlo-TutorialsDojo

    Member
    December 5, 2023 at 9:41 am

    Hello sysroute,

    Thanks for your feedback.

    It’s important to remember that while AIs like ChatGPT and Bard can provide useful information, they may not always capture the full range of nuances in certain topics.

    In the given policy, the ‘root’ in the Principal’s ARN does not pertain to the root user of the account. Rather, it grants root access to any Identity within the account, provided they have the necessary permissions.

    Here’s a link to an AWS document that supports this statement.

    https://repost.aws/knowledge-center/kms-prevent-access

    Let me know if this helps.

    Regards,

    Carlo @ Tutorials Dojo

    • sysroute

      Member
      December 8, 2023 at 8:01 pm

      Thank you for your reply Carlo!

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now