Exam: AWS Certified Cloud Practitioner 0 Likes
In which situations should a company create an IAM user instead of an (CLF-C02)
In which situations should a company create an IAM user instead of an IAM role?
(Choose two)
A) When an application that runs on Amazon EC2 instances requires access to other AWS services.
B) When the company creates AWS access credentials for individuals.
C) When the company creates an application that runs on a mobile phone that makes requests to AWS.
D) When the company needs to add users to IAM groups.
E) When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time.
Solution
Correct answer: B) When the company creates AWS access credentials for individuals and D) When the company needs to add users to IAM groups.
B - IAM users are typically used to represent individuals or entities (such as applications or services) that interact with AWS resources. Each IAM user has its own set of credentials (access key ID and secret access key) for accessing AWS services.
D - IAM users are often organized into groups based on their roles or permissions. By adding users to IAM groups, the company can efficiently manage permissions and access levels for multiple users at once.
Option A is incorrect because IAM roles are typically used to grant permissions to entities such as applications running on EC2 instances, rather than IAM users.
Options C and E are incorrect because IAM roles are more suitable for scenarios where temporary permissions are needed for entities such as mobile applications or federated users authenticated via corporate networks. Roles can be assumed by these entities to obtain temporary credentials with limited permissions.
Category: Security and compliance in the AWS cloud