Q6 — AWS SAA-C03 Ch.1

Question 6 of 65 | ← Chapter 1

Q6. An Amazon EC2 administrator created the following policy associated with an IAM group containing several users.What is the effect of this policy?

Correct Answer: C. Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.

Explanation

Actually as per the policy both B and C are correct. But the IP 10.100.100.1 is the Reserved AWS IP and cannot be used by EC2 instance.What the policy means:\1. Allow termination of any instance if user's source ip address is 10.100. 100.254. \2. Deny termination of instances that are not in the us-east-1 region.Combining this two, you get:"Allow instance termination in the us-east-1 region if the user's source ip address is 10.100. 100.254. Deny termination operation on other regions."