AWS Certified AI Practitioner AIF-C01 Practice Question
A data science team uses several Amazon SageMaker notebook IAM roles. The team wants to apply the same custom read-only Amazon S3 permissions to all these roles without copying identical inline policies into each one. Which IAM feature should they choose?
Use a service control policy in AWS Organizations to grant access.
Attach a customer managed policy to each role.
Add the permissions to every role as an inline policy.
Configure a role trust policy with the required S3 permissions.
A customer managed policy lets you create a single reusable JSON policy document, then attach it to multiple IAM identities such as roles, users, or groups. This avoids duplication and simplifies updates, because you modify the policy in one place and the change propagates to every attached role. A role trust policy only controls who can assume the role; it does not grant S3 permissions. Service control policies apply at the AWS Organizations level and do not attach directly to individual roles. Adding an inline policy to every role is exactly what the team wants to avoid because it duplicates policy documents and is harder to maintain.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a customer managed policy in AWS IAM?
Open an interactive chat with Bash
What is the difference between a role trust policy and permissions policy in IAM?
Open an interactive chat with Bash
How do service control policies (SCP) work in AWS Organizations?
Open an interactive chat with Bash
AWS Certified AI Practitioner AIF-C01
Security, Compliance, and Governance for AI Solutions
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .