Which combination of actions will meet these requirements?
(Choose two.)
Add the users to an IAM service-linked role. Attach the policy to the role.
Add the users to an IAM user group. Attach the policy to the group.
Create an AWS managed policy.
Create a customer managed policy.
Create an inline policy.
Explanations:
Service-linked roles are used to allow AWS services to act on behalf of AWS resources, not for managing user permissions. This doesn’t meet the requirement to attach a policy to multiple users and manage versions.
Adding users to an IAM user group and attaching the policy to the group is a common method to grant access to multiple users and allows for easy management of policies and their versions.
AWS managed policies are predefined by AWS and cannot be modified. This option doesn’t meet the requirement to change the policy or create new versions.
Customer managed policies are created by the user and can be edited. This allows attaching policies to users, as well as modifying and versioning them as needed.
Inline policies are embedded directly within IAM users, groups, or roles and are not reusable. They also don’t support versioning, so this doesn’t meet the requirement to manage versions.
If I’m correct, the answer is:
Add the users to an IAM user group. Attach the policy to the group.
I estimate that the answer is:
Add the users to an IAM user group. Attach the policy to the group.