DVA-C02 - Security - Section 2.3
Author and reason about IAM identity-based and resource-based policies, including managed versus customer-managed policies and policy evaluation.
Author IAM identity-based and resource-based policies using JSON policy documents, and reason through the policy evaluation logic to predict whether an action will be allowed or denied. Distinguish AWS managed policies from customer-managed policies and apply least privilege to constrain application permissions.
IAM policy evaluationResource-based policiesManaged policiesLeast privilege
More in this domain
Back to all Security objectives, or the DVA-C02 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.