Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Amazon Discussions

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 385 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 385
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

An IAM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the IAM access key and secret access key, which allow full administrative access.

Given that multiple modes of IAM access are present for this EC2 instance, which of the following is correct?

  • A. The EC2 instance will only be able to list the S3 buckets.
  • B. The EC2 instance will only be able to list the contents of one S3 bucket at a time.
  • C. The EC2 instance will be able to perform all actions on any S3 bucket.
  • D. The EC2 instance will not be able to perform any S3 action on any S3 bucket.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Anandesh at July 5, 2024, 1:14 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
tomchandler077
12 hours, 29 minutes ago
D Explicit deny policies in IAM take precedence over any allow policies. If the IAM role attached to the EC2 instance explicitly denies access to S3, this deny will apply regardless of any other credentials or policies that might grant access. Even though the EC2 instance's credentials file specifies keys with full administrative access, the explicit deny in the IAM role will override these permissions for S3 actions.
upvoted 1 times
...
Anandesh
2 days, 17 hours ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in

Claim Offer Now
286 people claimed it in the last 6 hours