You have been tasked with writing a policy that will allow read permissions for all secrets at path secret/bar. The users that are assigned this policy should also be able to list the secrets. What should this policy look like?
D means it grants access only to one additional level under secret/bar/, not recursively to all secrets within it.
If the goal is to read all secrets under secret/bar/ and list them, the correct choice would be option A
The first path secret/bar/* with the read capability ensures that users can read the secrets stored at any path under secret/bar (including nested secrets).
The second path secret/bar/ with the list capability allows users to list the keys (secrets) directly stored under secret/bar.
The answer depends on whether the user also should be allowed to read all nested secrets under secret/bar. The question doesn't state this, so I opt for D, where the user gains access to items IN secret/bar only, not further down.
"secret/bar/*" indicates every path after /bar/ and Read & List are being granted.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
djgodzilla
3 days, 17 hours agodjgodzilla
3 days, 18 hours agoimhl
2 months, 2 weeks agoStokvisss
5 months, 2 weeks agodaz_rekka
1 year, 1 month ago