Bird
0
0

A user has an IAM policy allowing access to an S3 bucket, but access is still denied. Which of the following is the most probable cause?

medium📝 Debug Q7 of 15
AWS - Identity and Access Management
A user has an IAM policy allowing access to an S3 bucket, but access is still denied. Which of the following is the most probable cause?
AThe IAM policy is attached to a group, not the user
BThe user has not logged in to the AWS Management Console
CThere is a bucket policy explicitly denying the user's access
DThe S3 bucket is in a different AWS region
Step-by-Step Solution
Solution:

  1. Step 1: Review IAM and bucket policies

    Access is denied if any explicit deny exists.

  2. Step 2: Identify conflicting policies

    Bucket policies can override IAM permissions with explicit denies.

  3. Final Answer:

    There is a bucket policy explicitly denying the user's access -> Option C

  4. Quick Check:

    Explicit deny overrides allow [OK]
Quick Trick: Explicit deny in bucket policy blocks access [OK]
Common Mistakes:
  • Assuming login status affects permissions
  • Confusing group attachment with permission denial
  • Believing region affects IAM permissions

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
AWS Account and Billing - Root user vs IAM user - Quiz 4medium AWS Account and Billing - Resource tagging for cost tracking - Quiz 12easy AWS CLI - Basic CLI commands (s3, ec2) - Quiz 11easy EC2 Fundamentals - Instance metadata and user data - Quiz 1easy EC2 Fundamentals - Instance types and families - Quiz 11easy Identity and Access Management - IAM roles concept - Quiz 2easy S3 Fundamentals - Buckets and objects concept - Quiz 5medium Security Groups and Network ACLs - Network ACLs overview - Quiz 1easy Security Groups and Network ACLs - Default security group behavior - Quiz 1easy Security Groups and Network ACLs - Network ACLs overview - Quiz 11easy