1
Security and Compliance
hard
Refer to the exhibit. A user outside the 192.0.2.0/24 IP range attempts to get an object from example-bucket. What will happen?
Exhibit
Refer to the exhibit.
IAM Policy JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "192.0.2.0/24"
}
}
},
{
"Effect": "Deny",
"Action": "s3:*",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"NotIpAddress": {
"aws:SourceIp": "192.0.2.0/24"
}
}
}
]
}