The following IAM policy is attached to an IAM group.
This is the only policy applied to the group.
What are the effective IAM permissions of this policy for group members?
A . Group members are permitted any Amazon EC2 action within the uss-east-1 Region. Statements after. The Allow permission are not applied
B . Group member are denied any Amazon EC2 permissions in the us-east-1 Region unless they are tagged in with multi-factor authentication (MFA).
C . Group members are allowed the ec2:StopInstances and ec2:Terminatelnstances permissions for all Regions when logged in with multi-factor authentication (MFA). Group members authorized any other Amazon EC2 action.
D . Group members are allowed the ec2:Stoplnstances and ec2:Terminatelnstances permissions for the us-east-1 Region only when logged in with multi-factor authentication
(MFA). Groups are permitted any other Amazon EC2 action within the us-east-1 Region
Answer: D
Leave a Reply