An account owner has created an IAM user with the name passleader. The account owner wants to give EC2 access of
only the US West region to that IAM user. How can the owner configure this?
A.
While creating a policy provide the region as a part of the resources
B.
Create an IAM user in the US West region and give access to EC2
C.
Create an IAM policy and define the region in the condition
D.
It is not possible to provide access based on the region
Explanation:
The IAM policy is never region specific. If the user wants to configure the region specific setting, he needs to provide
conditions as part of the policy.
http://awspolicygen.s3.amazonaws.com/policygen.html
C