Bird
0
0

An IAM policy has this statement:

medium📝 Debug Q7 of 15
AWS - Identity and Access Management
An IAM policy has this statement:
{"Effect": "Allow", "Action": "dynamodb:PutItem", "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/MyTable"}

The user still cannot put items. What could be the problem?
AThe Effect should be Deny to block other actions
BThe policy is missing permissions for the table's indexes
CThe Resource ARN is missing the region
DThe Action name is incorrect
Step-by-Step Solution
Solution:

  1. Step 1: Understand DynamoDB resource permissions

    PutItem may require permissions on table and its indexes.

  2. Step 2: Check policy resource coverage

    Policy only allows table ARN, missing index ARNs which may block PutItem.

  3. Final Answer:

    Missing permissions for indexes can block PutItem -> Option B

  4. Quick Check:

    Indexes need explicit permissions [OK]
Quick Trick: Include indexes in DynamoDB permissions for full access [OK]
Common Mistakes:
MISTAKES
  • Assuming table ARN covers indexes
  • Confusing Effect Deny usage
  • Misspelling action names

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
Cloud Computing Fundamentals - Edge locations and CloudFront overview - Quiz 11easy Cloud Computing Fundamentals - AWS free tier overview - Quiz 11easy EC2 Fundamentals - Instance types and families - Quiz 8hard Identity and Access Management - IAM best practices - Quiz 2easy S3 Fundamentals - S3 storage classes (Standard, IA, Glacier) - Quiz 8hard Security Groups and Network ACLs - Inbound and outbound rules - Quiz 3easy Security Groups and Network ACLs - Default security group behavior - Quiz 14medium Security Groups and Network ACLs - Security groups vs NACLs decision - Quiz 13medium VPC Fundamentals - Public vs private subnets - Quiz 3easy VPC Fundamentals - Why VPC provides network isolation - Quiz 15hard