Practice free →
HomeAWS Cloud Practitionercloudcomputingsecuritycompliance › The principle of least privilege, as applied via…

The principle of least privilege, as applied via IAM, recommends that you:

AAllow only the AWS root user to perform any action in the account
BBlock every API call by default and approve each one manually
CGive every developer administrator access to speed up delivery
DGrant a user (or role) only the specific permissions they need to do their job, and nothing more
Answer & Solution
Correct answer: D. Grant a user (or role) only the specific permissions they need to do their job, and nothing more
Least privilege means scoping permissions narrowly — exactly the actions, resources, and conditions the principal needs. Over-permissive defaults expand blast radius; under-permissive blocks legitimate work.
Solve this in the app — AWS Cloud Practitioner practice & 24k+ MCQs →
Related questions