Home › Forums › AWS › AWS Certified Solutions Architect Associate › Way of users to access AWS resource
-
Way of users to access AWS resource
-
*** *** *** *** *** *** *** *** *** *** ***
In the question Topic-Based – IAM (SA-Associate)
Category: CSAA – Design Secure Applications and Architectures
You recently created a brand new IAM User with a default setting using AWS CLI. This is intended to be used to send API requests to your S3, DynamoDB, Lambda, and other AWS resources of your cloud infrastructure.
Which of the following must be done to allow the user to make API calls to your AWS resources?
—- —- —-
The options are given
– Assign an IAM Policy to the user to allow it to send API calls.
– Do nothing as the IAM User is already capable of sending API calls to your AWS resources.
– Create a set of Access Keys for the user and attach the necessary permissions.
– Enable Multi-Factor Authentication for the user.
*** *** *** *** *** *** *** *** *** *** ***
My understanding this will only grant programmatic access to AWS but will it grant privileges to access a resource like S3, DynamoDB? For actually making API calls didn’t we have to attach proper IAM policies?
-
Hello muhammad-r,
Thanks for sharing your thoughts.
If we break down the option: “Create a set of Access Keys for the user and attach the necessary permissions.”
* Create a set of Access Keys for the user – Use access keys to make secure REST or HTTP Query protocol requests to AWS service APIs.
* Attach the necessary permissions – IAM policy / Permissions policies. After adding the necessary permissions (policy) to the IAM user, it can access AWS resources.
You can check this AWS documentation on how to use the AWS CLI to create an IAM user.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!
Regards,
Gerome @ Tutorials Dojo
Log in to reply.