A company wants to make sure that only one user from its Admin group has the permanent right to delete an Amazon EC2 resource. There should be no changes in the existing policy under the Admin group. What should a developer use to meet these requirements?
A) AWS managed policy
B) Inline policy
C) IAM trust relationship
D) AWS Security Token Service (AWS STS)

Question

Quizplus · Accepted Answer

AWS managed policies are pre-defined policies that can be attached to IAM users, groups, or roles. They provide a convenient way to grant permissions to access AWS resources. In this case, the developer can use the AWS managed policy "AdministratorAccess" to grant the user the necessary permissions to delete EC2 resources. This policy will not affect the existing permissions under the Admin group.

A Company Wants to Make Sure That Only One User