AWS Certified Developer - Associate

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: The user will be denied access because one of the policies has an explicit deny on it

The user will be denied access because the policy has an explicit deny on it - User will be denied access because any explicit deny overrides the allow.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: The user will be denied access because one of the policies has an explicit deny on it

The user will be denied access because the policy has an explicit deny on it - User will be denied access because any explicit deny overrides the allow.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

An IAM user has two different policies attached. Policy 1 explicitly denies the user all access to EC2 instances. Policy 2 explicitly grants the user permission to perform the EC2:Describe action.

Given these two conflicting policies, what will be the outcome when the user attempts to execute the 'Describe' action on an EC2 instance using the AWS CLI?

Exam-Like

The user will be denied access because one of the policies has an explicit deny on it

58.3%

The IAM user stands in an invalid state, because of conflicting policies

8.3%

The order of the policy matters. If policy 1 is before 2, then the user is denied access. If policy 2 is before 1, then the user is allowed access

25.0%

The user will get access because it has an explicit allow

8.3%