A developer is writing an IAM policy document that grants administrator access to AWS Key Management Service (AWS KMS) for a federated user. The federated IAM role name is FederatedIAMRole. The user name is KeyAdmin.
How should the developer set the principal in the KMS key policy to meet these requirements?

A. “Principal”: { “AWS”: “arn:aws:sts::123456789012:role/FederatedIAMRole/KeyAdmin” }

B. “Principal”: { “AWS”: “arn:aws:sts::123456789012:user/FederatedIAMRole/KeyAdmin” }

C. “Principal”: { “AWS”: “arn:aws:sts::123456789012:user/KeyAdmin” }

D. “Principal”: { “AWS”: “arn:aws:sts::123456789012:assumed-role/FederatedIAMRole/KeyAdmin” }








 

Suggested Answer: D

Community Answer: D




This question is in DVA-C01 AWS Certified Developer – Associate Exam
For getting AWS Certified Developer – Associate Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.