Bird
0
0

What is the result of this IAM policy statement?

medium📝 service behavior Q5 of 15
AWS - Identity and Access Management
What is the result of this IAM policy statement?
{"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"], "Resource": "arn:aws:s3:::mybucket/*"}
AAllows only getting objects in 'mybucket'
BAllows getting and putting objects in the 'mybucket' bucket
CDenies all actions on 'mybucket'
DAllows all actions on all buckets
Step-by-Step Solution
Solution:

  1. Step 1: Analyze the "Effect" and "Action" keys

    The "Effect" is "Allow" and "Action" includes both "s3:GetObject" and "s3:PutObject".

  2. Step 2: Understand the "Resource" specification

    The resource is the 'mybucket' bucket and all its objects (indicated by /*).

  3. Final Answer:

    Allows getting and putting objects in 'mybucket' -> Option B

  4. Quick Check:

    Allow + multiple actions + specific bucket = Allows getting and putting objects in the 'mybucket' bucket [OK]
Quick Trick: Multiple actions in array allow all listed actions [OK]
Common Mistakes:
MISTAKES
  • Assuming only first action applies
  • Confusing Allow with Deny
  • Ignoring the resource ARN format

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS CLI - CLI output formats (json, table, text) - Quiz 14medium AWS CLI - Basic CLI commands (s3, ec2) - Quiz 13medium Cloud Computing Fundamentals - AWS free tier overview - Quiz 11easy S3 Fundamentals - Why S3 matters for object storage - Quiz 4medium S3 Fundamentals - S3 encryption options - Quiz 8hard Security Groups and Network ACLs - Default security group behavior - Quiz 8hard Security Groups and Network ACLs - Stateless behavior of NACLs - Quiz 11easy Security Groups and Network ACLs - Security group as virtual firewall - Quiz 7medium Security Groups and Network ACLs - Why security groups matter - Quiz 9hard VPC Fundamentals - Route tables configuration - Quiz 11easy