AWS Certified Solutions Architect – Professional SAP-C01 – Question143

The Principal element of an IAM policy refers to the specific entity that should be allowed or denied permission, whereas the translates to everyone except the specified entity.

A.
NotPrincipal
B. Vendor
C. Principal
D. Action

Correct Answer: A

Explanation:

Explanation: The element NotPrincipal that is included within your IAM policy statements allows you to specify an exception to a list of principals to whom the access to a specific resource is either allowed or denied. Use the NotPrincipal element to specify an exception to a list of principals. For example, you can deny access to all principals except the one named in the NotPrincipal element.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_…