Posted by: Pdfprep
Post Date: December 11, 2020
A Security Engineer who was reviewing AWS Key Management Service (AWS KMS) key policies found this statement in each key policy in the company AWS account.
What does the statement allow?
A . All principals from all AWS accounts to use the key.
B . Only the root user from account 111122223333 to use the key.
C . All principals from account 111122223333 to use the key but only on Amazon S3.
D . Only principals from account 111122223333 that have an IAM policy applied that grants access to this key to use the key.
Answer: D
Explanation:
Reference: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html