Bird
0
0

In AWS IAM policy evaluation, which statement has the highest priority?

easy📝 Conceptual Q2 of 15
AWS - Identity and Access Management
In AWS IAM policy evaluation, which statement has the highest priority?
AExplicit Allow
BImplicit Deny
CExplicit Deny
DResource-based policy
Step-by-Step Solution
Solution:

  1. Step 1: Identify priority of policy effects

    Explicit Deny always overrides any Allow in AWS IAM evaluation.

  2. Step 2: Compare with other effects

    Implicit Deny applies when no Allow exists, but Explicit Deny is stronger.

  3. Final Answer:

    Explicit Deny has highest priority -> Option C

  4. Quick Check:

    Highest priority = Explicit Deny [OK]
Quick Trick: Explicit Deny always beats Allow in IAM policies [OK]
Common Mistakes:
  • Thinking Explicit Allow overrides Deny
  • Confusing implicit and explicit denies
  • Assuming resource policies override denies

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - AWS Cost Explorer basics - Quiz 8hard AWS CLI - CLI output formats (json, table, text) - Quiz 6medium AWS CLI - Installing AWS CLI - Quiz 2easy Cloud Computing Fundamentals - What is cloud computing - Quiz 6medium EC2 Fundamentals - Instance states (running, stopped, terminated) - Quiz 3easy Identity and Access Management - IAM roles concept - Quiz 14medium Identity and Access Management - Multi-factor authentication setup - Quiz 11easy Identity and Access Management - IAM users and groups - Quiz 9hard S3 Fundamentals - S3 versioning - Quiz 11easy Security Groups and Network ACLs - Stateless behavior of NACLs - Quiz 1easy