AWS Certified SysOps Administrator – Associate (legacy) — Question 372

An organization is planning to create a user with IAM. They are trying to understand the limitations of IAM so that they can plan accordingly. Which of the below mentioned statements is not true with respect to the limitations of IAM?

Answer options

• A. One IAM user can be a part of a maximum of 5 groups
• B. The organization can create 100 groups per AWS account
• C. One AWS account can have a maximum of 5000 IAM users
• D. One AWS account can have 250 roles

Correct answer: A

Explanation

By default, an IAM user can be a member of up to 10 IAM groups, making option A the incorrect statement (and thus the correct answer). The other options accurately reflect the default service quotas for AWS IAM, which are 100 groups, 5000 users, and 250 roles per AWS account.