🔥 3-day streak
AWS Certified Security - Specialty80 / 184
Question 80 of 184

A security engineer is reviewing a customer-managed IAM policy attached to a developer group. The policy contains a single statement with "Effect": "Allow", "NotAction": ["iam:*", "organizations:*"], and "Resource": "*". Developers report they can perform far more actions than intended, including deleting production S3 buckets and modifying KMS keys. What is the most accurate explanation of this behavior?

Reviewed for accuracy · Report an issueNext question