Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A security engineer wants to create a new AWS KMS customer managed key.

A security engineer wants to create a new AWS KMS customer managed key. The KMSAdmin IAM role will create and disable this key. The KMSUser IAM role will use this key for decryption.

Which key policy will meet these requirements?

A.

A key policy that grants KMSAdmin only kms:Create and kms:Disable*, and grants KMSUser kms:Decrypt.

B.

A key policy that grants KMSAdmin kms:Create* and kms:Disable*, and grants KMSUser kms:Decrypt.

C.

A key policy that grants KMSAdmin and KMSUser kms:CreateGrant, but does not grant KMSUser kms:Decrypt.

D.

A key policy that grants both KMSAdmin and KMSUser only kms:Decrypt*.

SCS-C03 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SCS-C03 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"