🔥 3-day streak
AWS Certified Security - Specialty61 / 157
Question 61 of 157
A developer's IAM user has an identity-based policy that allows s3:GetObject and s3:PutObject on all buckets. A permission boundary attached to the same user allows only s3:GetObject on the bucket arn:aws:s3:::reports-data and dynamodb:* on all tables. There are no applicable SCPs or resource-based policies. When the developer attempts s3:PutObject to arn:aws:s3:::reports-data, what is the result and why?
Reviewed for accuracy · Report an issueNext question