Home › AWS DevOps Pro › cloudcomputing › dopsecurity › Which AWS service enforces 'Allow only what's ne…
Which AWS service enforces 'Allow only what's needed' permissions across human and machine identities — the foundation of DOP-C02 §6.1 IAM at scale?
AAmazon RDS
BAWS Identity and Access Management (IAM)
CAmazon Route 53
DAWS Snowball
Answer & Solution
Correct answer: B. AWS Identity and Access Management (IAM)
IAM is AWS's permission model (per DOP-C02 §6.1). The others aren't permission systems.
Related questions
Which AWS feature provides graph-based investigation of security findings to determine theWhich AWS feature lets a DevOps engineer apply preventive guardrails across an entire AWS Which AWS service automatically discovers and classifies sensitive data (PII, credentials,Which AWS service aggregates findings from GuardDuty + Inspector + IAM Access Analyzer + MWhich AWS service continuously analyses CloudTrail + VPC Flow + DNS logs with ML and threaWhich AWS service issues and rotates public TLS certificates for AWS load balancers, CloudWhich AWS service provides dedicated FIPS 140-2 Level 3 hardware HSMs for tenants with strWhich AWS service creates and rotates customer-managed encryption keys with IAM-controlled