wcatlan
In the lecture "S3 ACL’s" in the AWS Certified Security Course at 08:42, the instructor shows how a link to read a resource is not disabled for an anonymous user, but a polict Deny statement is applied to all users (ie, I guess all IAM authenticated users only). Why is an anonymous user excluded from the Deny rule? I was hoping the lecture "Conflicting Policies" would address this, but it never did. How should anonymous users be treated in the "5-step" rules conflict process described at the end of the "Conflicting Policies" lecture?