Hi Carlo,
In this case, “resource-based” is not the right term to use, because the only thing at AWS which refers to “resource-based” is, really and usually, the resource-based policy attached to a service like S3 or KMS…
I believe the question should have been: what access control mechanisms AWS KMS supports, and the answer would be: key policies, IAM, and grants. AWS is explicit to have us know that the key policies are crucial and mandatory to have in place (in other words, we cannot ONLY use IAM policies).
-
This reply was modified 2 years, 7 months ago by Zackn.
-
This reply was modified 2 years, 7 months ago by Zackn.