🔥 3-day streak
AWS Certified Security - Specialty70 / 157
Question 70 of 157
A company runs hundreds of projects, each with its own set of EC2 instances, S3 buckets, and DynamoDB tables. Every resource is tagged with a 'project' key. The security team wants developers to be able to manage only the resources belonging to their assigned project, without writing a separate IAM policy per project. Each developer's IAM principal is tagged with the project they belong to. Which approach best implements least privilege at scale?
Reviewed for accuracy · Report an issueNext question