PrepAway - Latest Free Exam Questions & Answers

Is there a method in the IAM system to allow or deny ac…

Is there a method in the IAM system to allow or deny access to a specific instance?

PrepAway - Latest Free Exam Questions & Answers

A.
Only for VPC based instances

B.
Yes

C.
No

Explanation:
http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluationlogic.html#policy-eval-denyallow
– By default, all requests are denied. (In general, requests made using the account credentials
for resources in the account are always allowed.)
– An explicit allow overrides this default.
– An explicit deny overrides any allows.

6 Comments on “Is there a method in the IAM system to allow or deny ac…

  1. Sree says:

    C
    Explanation:Amazon EC2 uses SSH keys, Windows passwords, and security groups to control who has access to the operating system of specific Amazon EC2 instances. There’s no method in the IAM system to allow or deny access to the operating system of a specific instance.




    7



    0
  2. levyagr says:

    I think B is correct.. I can use IAM and delete / reset Access key pair and if EC2 was running with that specific key, and not used by any other EC2, that means i used IAM to stop access to specific EC2




    0



    3
  3. Tomasz says:

    It’s not clear what “allow or deny access to a specific instance” means in this question.

    There is nothing about OS level access, so it can be API or Console access to perform action on specified instance. This You can limit using IAM Policy.




    1



    0

Leave a Reply

Your email address will not be published. Required fields are marked *