Which of the following policies would permit a user to generate dynamic credentials on a database?
A . path "database/creds/read_only_role" {
capabilities = ["read"]
}
B . path "database/creds/read_only_role" {
capabilities = ["generate"]
}
C . path "database/creds/read_only_role" {
capabilities = ["list"]
}
D . path "database/creds/read_only_role" {
capabilities = ["sudo"]
}
Answer: A
Explanation:
The HTTP request is a GET which corresponds to a read capability. Thus, to grant access to generate database credentials, the policy would grant read access on the appropriate path.
Latest VA-002-P Dumps Valid Version with 200 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund