//
you're reading...

Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management?


Which of the following are correct statements with policy evaluation logic in AWS Identity
and Access Management? Choose 2 answers

A.
An explicit deny does not override an explicit allow

B.
By default, all request are allowed

C.
An explicit allow overrides default deny.

D.
An explicit allow overrides an explicit deny

E.
By default, all requests are denied

Discussion

7 Responses to “Which of the following are correct statements with policy evaluation logic in AWS Identity and Access Management?”

  1. Brian Smith says:

    C & E

  2. networkmanagers says:

    Correct answer is CE

  3. Niranjana HK says:

    C and E

  4. Duck Bro says:

    C,E

    By default, all requests are denied. (In general, requests made using the account credentials for resources in the account are always allowed.)
    An explicit allow overrides this default.
    An explicit deny overrides any allows.
    http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html

Leave a Reply