Home › Forums › AWS › AWS Certified Security – Specialty › KMS policy question › Reply To: KMS policy question
-
Hello sysroute,
Thanks for your feedback.
It’s important to remember that while AIs like ChatGPT and Bard can provide useful information, they may not always capture the full range of nuances in certain topics.
In the given policy, the ‘root’ in the Principal’s ARN does not pertain to the root user of the account. Rather, it grants root access to any Identity within the account, provided they have the necessary permissions.
Here’s a link to an AWS document that supports this statement.
https://repost.aws/knowledge-center/kms-prevent-access
Let me know if this helps.
Regards,
Carlo @ Tutorials Dojo