Bird
0
0

You wrote this trust policy for an IAM role:

medium📝 Debug Q6 of 15
AWS - Identity and Access Management
You wrote this trust policy for an IAM role:
{"Statement": [{"Effect": "Allow", "Principal": "ec2.amazonaws.com", "Action": "sts:AssumeRole"}]}

Why does this policy cause an error?
A"Action" is misspelled
B"Principal" must be an object, not a string
C"Effect" cannot be "Allow"
D"Statement" must be a string
Step-by-Step Solution
Solution:

  1. Step 1: Check Principal format

    Principal must be an object specifying the service, e.g., {"Service": "ec2.amazonaws.com"}, not a plain string.

  2. Step 2: Validate other keys

    Action and Effect are correct, Statement is an array as required.

  3. Final Answer:

    "Principal" must be an object, not a string -> Option B

  4. Quick Check:

    Principal format error = must be object [OK]
Quick Trick: Principal must be an object with Service or AWS key [OK]
Common Mistakes:
MISTAKES
  • Using string instead of object for Principal
  • Misspelling Action or Effect
  • Wrong data type for Statement

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - Root user vs IAM user - Quiz 2easy AWS CLI - Configuring credentials - Quiz 7medium AWS CLI - CLI scripting basics - Quiz 13medium Cloud Computing Fundamentals - What is cloud computing - Quiz 1easy Cloud Computing Fundamentals - AWS free tier overview - Quiz 6medium Cloud Computing Fundamentals - What is cloud computing - Quiz 5medium S3 Fundamentals - Creating S3 buckets - Quiz 7medium Security Groups and Network ACLs - Network ACLs overview - Quiz 10hard Security Groups and Network ACLs - Stateful behavior of security groups - Quiz 14medium VPC Fundamentals - VPC peering concept - Quiz 2easy