AWS Certified SysOps Administrator – Associate (legacy) — Question 104

An AWS root account owner is trying to create a policy to access RDS. Which of the below mentioned statements is true with respect to the above information?

Answer options

• A. Create a policy which allows the users to access RDS and apply it to the RDS instances
• B. The user cannot access the RDS database if he is not assigned the correct IAM policy
• C. The root account owner should create a policy for the IAM user and give him access to the RDS services
• D. The policy should be created for the user and provide access for RDS

Correct answer: C

Explanation

The correct answer is C because the root account owner must create a specific IAM policy to grant access to RDS services for the IAM user. Options A and D suggest applying the policy directly to instances or only for users, which does not address the need for user-specific policies. Option B is accurate but does not directly answer the question of what the root account owner should do.