Is there a method in the IAM system to allow or deny access to a specific instance?
A.
Only for VPC based instances
B.
Yes
C.
No
Explanation:
http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluationlogic.html#policy-eval-denyallow
– By default, all requests are denied. (In general, requests made using the account credentials
for resources in the account are always allowed.)
– An explicit allow overrides this default.
– An explicit deny overrides any allows.