In this question "You have created a new S3 bucket and you would like to configure read and write access to this bucket, only for users who are members of the Development, Test and QA teams. Each team has a different IAM Group defined in AWS. Which of the following is the simplest way to configure this?"
The correct answer given is :
"Use a bucket policy to allow read and write access to the Development, Test and QA IAM groups"
As far as I know you cannot indicate groups as principals in policies. I am wrong?
This does not look to me as the right answer.
Yes, you are right!
You cannot specify IAM groups and instance profiles as principals.
Refer to "specifying a principal" section