Least Privilege — AWS Solutions Architect Associate Practice Questions
Least privilege is the security principle of granting identities, roles, and services only the permissions they need to perform their specific tasks, nothing more. On the AWS Solutions Architect Associate exam, this principle appears across IAM policies, S3 bucket policies, resource-based policies, and service roles. Architects are expected to know how to scope permissions using condition keys, resource ARNs, and permission boundaries rather than relying on broad managed policies like AdministratorAccess. Questions often test whether a proposed policy is too permissive or whether a more targeted alternative would satisfy the same requirement with less risk.
Free questions on least privilege
A company requires its EC2 instances to access S3 without using access keys. What is the recommended approach?
More least privilege questions in the full bank
- What is the primary purpose of AWS IAM roles?
- An organization implements Infrastructure as Code (IaC) for EC2 security. How should sensitive configuration data (database passwords) be managed?
- A company must provide isolated S3 access to contractors without exposing AWS credentials or using cross-account roles. Which mechanism is most secure?