Bird
0
0

Given this IAM policy snippet attached to a user:

medium📝 Predict Output Q4 of 15
AWS - Identity and Access Management
Given this IAM policy snippet attached to a user:
{"Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::my-bucket"]}

What will the user be able to do?
AList the objects inside 'my-bucket'
BUpload objects to 'my-bucket'
CList the bucket itself but not its objects
DDelete objects from 'my-bucket'
Step-by-Step Solution
Solution:

  1. Step 1: Understand s3:ListBucket action

    This action allows listing the bucket's contents (keys), but not object-level actions.

  2. Step 2: Check resource scope

    The resource is the bucket ARN without /*, so it applies to the bucket, not objects.

  3. Final Answer:

    List the objects inside 'my-bucket' -> Option A

  4. Quick Check:

    s3:ListBucket lists objects = A [OK]
Quick Trick: s3:ListBucket lists bucket keys, not object data [OK]
Common Mistakes:
  • Confusing bucket listing with object access
  • Assuming upload or delete permissions
  • Ignoring resource ARN details

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS CLI - Why CLI matters for automation - Quiz 15hard AWS CLI - CLI scripting basics - Quiz 8hard AWS CLI - Installing AWS CLI - Quiz 13medium Cloud Computing Fundamentals - AWS Management Console walkthrough - Quiz 1easy Cloud Computing Fundamentals - Cloud deployment models (public, private, hybrid) - Quiz 4medium EC2 Fundamentals - Instance types and families - Quiz 13medium Identity and Access Management - IAM roles concept - Quiz 9hard S3 Fundamentals - Uploading and downloading objects - Quiz 15hard S3 Fundamentals - S3 versioning - Quiz 7medium VPC Fundamentals - Route tables configuration - Quiz 5medium