What type of policy has an AWS administrator created when attaching a standalone policy to a principal entity?

Disable ads (and more) with a premium pass for a one time $4.99 payment

Prepare for the Amazon Web Services (CISN 74A) Security Test with our interactive quizzes. Use multiple choice questions with detailed hints and explanations to ace your exam.

When an AWS administrator attaches a standalone policy to a principal entity, they have created a customer managed policy. Customer managed policies are created and managed by the AWS account holder and are specific to that account. This type of policy allows for greater flexibility and customization compared to AWS managed policies, which are predefined by AWS and cannot be modified.

Customer managed policies allow administrators to tailor permissions according to specific needs, enabling them to grant the appropriate access rights to users or resources within their AWS account. By creating their own policies, administrators can define actions, resources, and conditions based on their organization's requirements, ensuring that access is granted as per the principle of least privilege.

In contrast, AWS managed policies are not user-defined and are meant for general use cases, while service control policies apply to organizations using AWS Organizations and help manage permissions across multiple AWS accounts. Identity-based policies encompass both customer managed and AWS managed policies, but specifying that it is a customer managed policy indicates a level of ownership and management by the AWS account holder, which is key in this context.