I added Jane to the WebAppDevelopers group, and she automatically got the permissions defined for the group.

I logged in as Jane and checked: she could view files in the S3 bucket but couldn’t create or delete buckets. Everything worked as expected!

I created a new user for Jane Doe, gave her AWS Console access, set a strong password, and unchecked the "change password on next sign-in" option.

I wrote a custom policy to allow Jane to view files in a specific S3 bucket, but I made sure she couldn’t create or delete any buckets.

I deleted Jane’s user account, removed the group, and deleted the policy to make sure there were no unused resources left behind.

I went to IAM in the AWS Console and created a group called WebAppDevelopers, then I assigned the necessary permissions to it.