Q64 — AWS AIF-C01 Ch.3
Question 64 of 100 | ← Chapter 3
An AWS administrator needs to protect ML resources in the AWS environment. The administrator must configure appropriate permissions for users, groups, and federated roles to access Amazon S3 and Amazon SageMaker. Which AWS service or feature can the administrator use to grant these permissions?
- A. AWS Secrets Manager
- B. AWS Key Management Service (AWS KMS)
- C. S3 bucket policies
- D. AWS Identity and Access Management (IAM) ✓
Correct Answer: D. AWS Identity and Access Management (IAM)
Explanation
In the AWS environment, protecting machine learning (ML) resources and configuring appropriate permissions requires a service capable of managing access for users, groups, and federated roles. AWS Identity and Access Management (IAM) is the AWS service designed for creating and managing identities and access permissions. Using IAM, administrators can assign granular permissions to control access to AWS resources such as Amazon S3 and Amazon SageMaker. Therefore, IAM is the correct service to grant these permissions. View all