AWS Certified SysOps Administrator – Associate (legacy) — Question 796
In IAM, a policy has to include the information about who (user) is allowed to access the resource, known as the _____.
Answer options
- A. permission
- B. role
- C. license
- D. principal
Correct answer: D
Explanation
In IAM, the 'principal' element in a resource-based policy designates the specific user, account, or service that is granted or denied access to the resource. A 'permission' describes the actions that can be performed rather than who can perform them, while a 'role' is an IAM identity that can be assumed. 'License' is not a valid component of an IAM policy.