Correct D.
NotAction with Deny
You can use the NotAction element in a statement with "Effect": "Deny" to deny access to all of the listed resources except for the actions specified in the NotAction element. This combination does not allow the listed items, but instead explicitly denies the actions not listed. You must still allow actions that you want to allow.
The following conditional example denies access to non-IAM actions if the user is not signed in using MFA. If the user is signed in with MFA, then the "Condition" test fails and the final "Deny" statement has no effect. Note, however, that this would not grant the user access to any actions; it would only explicitly deny all other actions except IAM actions.
I'll go with C
The explicit deny is clearly for S3 and denies access to any bucket that is not Prod.
There is nothing here that prevents access to other AWS Services.
Definitely C. The explicit deny is clearly for S3 and denies access to any bucket that is not Prod. There is nothing here that prevents access to other AWS Services.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
beebatov
Highly Voted 3 years, 2 months agodavidy2020
Most Recent 1 year, 10 months agoggrodskiy
1 year, 11 months agoevargasbrz
1 year, 11 months agoJesuisleon
1 year, 6 months agoTechX
2 years, 5 months agoyacin
2 years, 9 months agojyrajan69
2 years, 9 months agochallenger1
2 years, 12 months agoAzureDP900
3 years agoandylogan
3 years, 1 month agotgv
3 years, 1 month agoWhyIronMan
3 years, 1 month agovimgoru24
3 years, 2 months agohk436
3 years, 2 months agoWaiweng
3 years, 2 months agoExtHo
3 years, 2 months agogsw
3 years, 2 months ago