How can this be resolved?

By:
In: CLF-C02
Tagged:
With: 2 Comments
A company has a managed IAM policy that does not grant the necessary permissions for users to accomplish required tasks.

How can this be resolved?

Enable AWS Shield Advanced.

Create a custom IAM policy.

Use a third-party web application firewall (WAF) managed rule from the AWS Marketplace.

Use AWS Key Management Service (AWS KMS) to create a customer-managed key.

Explanations:

AWS Shield Advanced is a DDoS protection service and does not relate to IAM permissions or access management.

Creating a custom IAM policy allows you to define specific permissions required for users to perform their tasks, thus resolving the issue with the managed policy.

A third-party WAF managed rule helps protect web applications from attacks but does not address IAM policy permissions or access rights for users.

AWS Key Management Service (KMS) is used for managing cryptographic keys and encryption, not for managing IAM permissions or user access.

2026-03-26

2 Comments

  1. Diana
    Author

    To the best of my knowledge, the answer is:
    Create a custom IAM policy.

  2. Justin
    Author

    I evaluate that the answer is:
    Create a custom IAM policy.

Leave a Reply

Your email address will not be published. Required fields are marked *

nineteen − six =