SAA-C03 - Design Secure Architectures - Section 1.1

Design a flexible authorisation model using IAM users, groups, roles and policies to grant least-privilege access to AWS resources.

Describe IAM users, groups, roles, and policies, and explain how policy evaluation logic combines identity-based and resource-based policies to produce an allow or deny decision. Apply least-privilege principles by choosing between managed and inline policies and scoping permissions to only the resources and actions a principal requires.

IAM policies, IAM roles, Least privilege, Policy evaluation


Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.