Bird
0
0

Given this AWS IAM policy snippet, what does it allow?

medium📝 Predict Output Q13 of 15
AWS - Account and Billing
Given this AWS IAM policy snippet, what does it allow?
{
  "Effect": "Allow",
  "Action": "s3:ListBucket",
  "Resource": "arn:aws:s3:::example-bucket"
}
AAllows listing objects inside example-bucket
BAllows listing the example-bucket itself
CAllows listing all buckets in the account
DAllows deleting example-bucket
Step-by-Step Solution
Solution:

  1. Step 1: Understand the Action and Resource

    The action 's3:ListBucket' allows listing the bucket itself, which includes metadata and the ability to list objects inside.

  2. Step 2: Differentiate from other permissions

    This permission allows listing the bucket (its contents), but not listing all buckets (which requires s3:ListAllMyBuckets) or deleting.

  3. Final Answer:

    Allows listing the example-bucket itself -> Option B

  4. Quick Check:

    s3:ListBucket on bucket ARN = list bucket contents [OK]
Quick Trick: s3:ListBucket on bucket = list bucket contents [OK]
Common Mistakes:
  • Thinking it lists objects inside the bucket only
  • Confusing with s3:ListAllMyBuckets for all buckets
  • Assuming it allows deletion

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - AWS Cost Explorer basics - Quiz 12easy AWS CLI - Installing AWS CLI - Quiz 5medium AWS CLI - Why CLI matters for automation - Quiz 5medium Cloud Computing Fundamentals - Cloud deployment models (public, private, hybrid) - Quiz 5medium Cloud Computing Fundamentals - AWS Management Console walkthrough - Quiz 8hard EC2 Fundamentals - Connecting to EC2 instances - Quiz 12easy Identity and Access Management - Least privilege principle - Quiz 15hard S3 Fundamentals - S3 versioning - Quiz 7medium Security Groups and Network ACLs - Security group as virtual firewall - Quiz 12easy VPC Fundamentals - Why VPC provides network isolation - Quiz 11easy