AWS Certified SysOps Administrator – Associate (legacy) — Question 368

The CFO of a company wants to allow one of his employees to view only the AWS usage report page. Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?

Answer options

• A. "Effect": "Allow", "Action": [ג€Describeג€], "Resource": "Billing"
• B. "Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"
• C. "Effect": "Allow", "Action": ["aws-portal:ViewUsage"], "Resource": "*"
• D. "Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"

Correct answer: C

Explanation

The IAM action `aws-portal:ViewUsage` is specifically used to grant permission to view AWS usage reports. Other options either use invalid action names like `AccountUsage` or incorrect permissions like `aws-portal:ViewBilling` which grants access to the billing dashboard instead of the usage reports. Therefore, Option C is the correct policy configuration.