
Root user vs IAM user in AWS - Interactive Practice

Practice - 5 Tasks
Answer the questions below
1. Fill in the blank (easy)

Complete the code to identify the AWS user type with full account access.

if user == '[1]':
    print("Full account access granted.")
Options:
A. service user
B. IAM user
C. root user
D. guest user
Common Mistakes
Confusing IAM user with root user
Assuming guest user has full access
2. Fill in the blank (medium)

Complete the code to create an AWS user with limited permissions.

new_user = create_user('[1]')
Options:
A. super user
B. IAM user
C. admin user
D. root user
Common Mistakes
Using root user to create limited access
Confusing admin user with IAM user
3. Fill in the blank (hard)

Fix the error in the code that checks if a user is the root user.

if user == '[1]':
    print("Access granted")
Options:
A. root user
B. IAM user
C. admin user
D. guest user
Common Mistakes
Using 'IAM user' instead of 'root user'
Using 'admin user' which is not a valid AWS user type
4. Fill in the blank (hard)

Fill both blanks to define a policy that allows only IAM users to access a resource.

policy = {
  'Effect': 'Allow',
  'Principal': {'AWS': '[1]'},
  'Action': '[2]'
}
Options:
A. arn:aws:iam::123456789012:user/*
B. arn:aws:iam::123456789012:root
C. iam:PassRole
D. s3:*
Common Mistakes
Using root ARN instead of IAM user ARN
Using incorrect action like 'iam:PassRole'
5. Fill in the blank (hard)

Fill all three blanks to create a policy that denies root user access but allows IAM users to list S3 buckets.

policy = {
  'Version': '2012-10-17',
  'Statement': [
    {
      'Effect': 'Deny',
      'Principal': {'AWS': '[1]'},
      'Action': 's3:*',
      'Resource': '*'
    },
    {
      'Effect': 'Allow',
      'Principal': {'AWS': '[2]'},
      'Action': '[3]',
      'Resource': '*'
    }
  ]
}
Options:
A. arn:aws:iam::123456789012:root
B. arn:aws:iam::123456789012:user/*
C. s3:ListAllMyBuckets
D. s3:DeleteBucket
Common Mistakes
Allowing root user access
Using wrong S3 action like 's3:DeleteBucket' for listing buckets