Bird
0
0

Given this IAM role trust policy snippet:

medium📝 Predict Output Q4 of 15
AWS - Identity and Access Management
Given this IAM role trust policy snippet:
{"Statement": [{"Effect": "Allow", "Principal": {"Service": "ecs-tasks.amazonaws.com"}, "Action": "sts:AssumeRole"}]}

Which AWS entity is allowed to assume this role?
AAmazon EC2 instances
BAmazon ECS tasks
CAWS Lambda functions
DIAM users in the account
Step-by-Step Solution
Solution:

  1. Step 1: Analyze the Principal service

    The Principal is "ecs-tasks.amazonaws.com", which corresponds to Amazon ECS tasks.

  2. Step 2: Match service to entity

    Amazon EC2 instances use "ec2.amazonaws.com", Lambda uses "lambda.amazonaws.com", and IAM users are specified differently.

  3. Final Answer:

    Amazon ECS tasks -> Option B

  4. Quick Check:

    Principal service matches ECS tasks [OK]
Quick Trick: Service principal defines which AWS service assumes the role [OK]
Common Mistakes:
MISTAKES
  • Confusing ECS tasks with EC2 instances
  • Assuming Lambda functions can assume this role
  • Thinking IAM users are allowed by service principal

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - Root user vs IAM user - Quiz 2easy AWS CLI - Configuring credentials - Quiz 7medium AWS CLI - CLI scripting basics - Quiz 13medium Cloud Computing Fundamentals - What is cloud computing - Quiz 1easy Cloud Computing Fundamentals - AWS free tier overview - Quiz 6medium Cloud Computing Fundamentals - What is cloud computing - Quiz 5medium S3 Fundamentals - Creating S3 buckets - Quiz 7medium Security Groups and Network ACLs - Network ACLs overview - Quiz 10hard Security Groups and Network ACLs - Stateful behavior of security groups - Quiz 14medium VPC Fundamentals - VPC peering concept - Quiz 2easy