Is there a method or command in the IAM system to allow or deny access to a specific instance?
A.
Only for VPC based instances
B.
Yes
C.
No
Explanation:
http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-evaldenyallow
– By default, all requests are denied. (In general, requests made using the account credentials for resources in
the account are always allowed.)
– An explicit allow overrides this default.
– An explicit deny overrides any allows.