Certified Security - Specialty

Sign Up Free or Log In to participate!

AWS Certified Security Course – Anonymous Users and Policy Conflicts

In the lecture "S3 ACL’s" in the AWS Certified Security Course at 08:42, the instructor shows how a link to read a resource is not disabled for an anonymous user, but a polict Deny statement is applied to all users (ie, I guess all IAM authenticated users only). Why is an anonymous user excluded from the Deny rule?  I was hoping the lecture "Conflicting Policies" would address this, but it never did. How should anonymous users be treated in the "5-step" rules conflict process described at the end of the "Conflicting Policies" lecture?

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?