Bird
0
0

Why is it recommended to specify exact DynamoDB table ARNs in IAM policies instead of using wildcards for Resource?

hard🧠 Conceptual Q10 of 15
DynamoDB - Security and Access Control
Why is it recommended to specify exact DynamoDB table ARNs in IAM policies instead of using wildcards for Resource?
ABecause DynamoDB does not support wildcards in Resource ARNs.
BBecause wildcards cause syntax errors in IAM policies.
CTo allow users to access all tables without restrictions.
DTo follow the principle of least privilege and improve security.
Step-by-Step Solution
Solution:

  1. Step 1: Understand security best practices

    Specifying exact resources limits permissions to only what is needed, reducing risk.

  2. Step 2: Recognize why wildcards are discouraged

    Wildcards grant broader access than necessary, violating least privilege principle.

  3. Final Answer:

    To follow the principle of least privilege and improve security. -> Option D

  4. Quick Check:

    Least privilege = specify exact ARNs [OK]
Quick Trick: Exact ARNs enforce least privilege, enhancing security [OK]
Common Mistakes:
MISTAKES
  • Believing wildcards cause errors
  • Thinking wildcards improve security
  • Assuming DynamoDB disallows wildcards

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More DynamoDB Quizzes
Access Patterns and Query Optimization - Burst capacity - Quiz 9hard Backup and Recovery - Why data protection is essential - Quiz 12easy Backup and Recovery - Why data protection is essential - Quiz 10hard Cost Optimization and Monitoring - CloudWatch metrics for DynamoDB - Quiz 5medium Cost Optimization and Monitoring - Contributor Insights - Quiz 7medium Cost Optimization and Monitoring - DAX (DynamoDB Accelerator) caching - Quiz 14medium DynamoDB with AWS SDK - Boto3 (Python) client vs resource - Quiz 14medium DynamoDB with AWS SDK - Document client abstraction - Quiz 14medium DynamoDB with Serverless - API Gateway to DynamoDB - Quiz 2easy Security and Access Control - Fine-grained access control - Quiz 6medium