Bird
0
0

Given this bucket policy snippet, what is the effect?

medium📝 Predict Output Q4 of 15
AWS - S3 Fundamentals
Given this bucket policy snippet, what is the effect?
{
  "Effect": "Deny",
  "Principal": "*",
  "Action": "s3:DeleteObject",
  "Resource": "arn:aws:s3:::mybucket/*"
}
AOnly the bucket owner can delete objects
BEveryone is denied permission to delete objects in the bucket
CEveryone is allowed to delete objects in the bucket
DNo effect because the policy is incomplete
Step-by-Step Solution
Solution:

  1. Step 1: Analyze the Effect and Principal

    Effect is "Deny" and Principal is "*" meaning everyone is denied.

  2. Step 2: Understand the Action and Resource

    Action is "s3:DeleteObject" on all objects in the bucket, so delete is denied for all.

  3. Final Answer:

    Everyone is denied permission to delete objects in the bucket -> Option B

  4. Quick Check:

    Deny + Principal * + DeleteObject = Deny all deletes [OK]
Quick Trick: "Deny" always overrides other permissions for specified actions [OK]
Common Mistakes:
  • Thinking Deny means allow
  • Assuming only owner denied
  • Ignoring the wildcard Principal

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS CLI - Basic CLI commands (s3, ec2) - Quiz 11easy AWS CLI - Why CLI matters for automation - Quiz 4medium Cloud Computing Fundamentals - Why cloud over on-premises - Quiz 7medium Cloud Computing Fundamentals - AWS Management Console walkthrough - Quiz 1easy Identity and Access Management - IAM roles concept - Quiz 13medium Security Groups and Network ACLs - Security group as virtual firewall - Quiz 8hard Security Groups and Network ACLs - Inbound and outbound rules - Quiz 10hard VPC Fundamentals - NAT Gateway for private subnet internet - Quiz 6medium VPC Fundamentals - VPC peering concept - Quiz 11easy VPC Fundamentals - Creating a custom VPC - Quiz 2easy