🔥 3-day streak
AWS Certified Security - Specialty77 / 184
Question 77 of 184

A developer is assigned an IAM identity policy that grants full access to Amazon S3 and Amazon DynamoDB (s3:* and dynamodb:*). The same IAM user also has a permission boundary attached that allows only s3:GetObject and s3:PutObject. There are no applicable SCPs or resource-based policies. When the developer attempts to call dynamodb:PutItem and s3:DeleteObject, what is the outcome?

Reviewed for accuracy · Report an issueNext question