Dave is the main administrator in Example Corp., and he decides to use paths to help delineate the users in the company and set up a separate administrator group for each path-based division. Following is a subset of the full list of paths he plans to use:

-¢ /ma

rketing

-¢ /sales

-¢ /legal

Dave creates an administrator group for the marketing part of the company and calls it Marketing_Admin.

He assigns it the /marketing path. The groups ARN is arn:aws:iam::123456789012:group/marketing/Marketing_Admin.

Dave assigns the following policy to the Marketing_Admin group that gives the group permission to use all IAM actions with all groups and users in the /marketing path. The policy also gives the Marketing_Admin group permission to perform any AWS S3 actions on the obje

cts in the portion of the corporate bucket.

{

-Version-: -2012-10-17-,

-Statement-: [

{

-Effect-: -Deny-,

-Action-: -iam:*-,

-Resource-: [

-arn:aws:iam::123456789012:group/marketing/*-,

-arn:aws:iam::123456789012:user/marketing/*-

]

},

{

-Effect-:

-Allow-,

-Action-: -s3:*-,

-Resource-: -arn:aws:s3:::example_bucket/marketing/*-

},

{

-Effect-: -Allow-,

-Action-: -s3:ListBucket*-,

-Resource-: -arn:aws:s3:::example_bucket-,

-Condition-:{-StringLike-:{-s3:prefix-: -marketing/*-}}

}

]

}

A. True

B.

False

Explanation:

Effect Deny