1
Identity and Access Management
medium
Refer to the exhibit. A user in the 10.1.0.0/16 range attempts to retrieve the object s3://example-bucket/secret/top_secret.pdf. What will be the result?
Exhibit
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/16"
}
}
},
{
"Effect": "Deny",
"Action": "s3:*",
"Resource": "arn:aws:s3:::example-bucket/secret/*"
}
]
}