ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 143 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 143
Topic #: 1
[All AWS Certified Developer Associate Questions]

An application that is hosted on an Amazon EC2 instance needs access to files that are stored in an Amazon S3 bucket. The application lists the objects that are stored in the S3 bucket and displays a table to the user. During testing, a developer discovers that the application does not show any objects in the list.
What is the MOST secure way to resolve this issue?

  • A. Update the IAM instance profile that is attached to the EC2 instance to include the S3:' permission for the S3 bucket.
  • B. Update the IAM instance profile that is attached to the EC2 instance to include the S3:ListBucket permission for the S3 bucket.
  • C. Update the developer's user permissions to include the S3:ListBucket permission for the S3 bucket.
  • D. Update the S3 bucket policy by including the S3:ListBucket permission and by setting the Principal element to specify the account number of the EC2 instance.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Chhotu_DBA at Sept. 1, 2022, 12:32 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aws1234567
1 year, 10 months ago
IS D!! THE MOST SECURE WAY!!
upvoted 1 times
nmc12
1 year, 7 months ago
add ec2 instance ID to S3 bucket is not valid. that why B is true answer!!!
upvoted 1 times
...
...
rcaliandro
1 year, 11 months ago
Selected Answer: B
B "Update the IAM instance profile that is attached to the EC2 instance to include the S3:ListBucket permission for the S3 bucket"
upvoted 1 times
...
sichilam
2 years, 4 months ago
B it is
upvoted 2 times
...
by116549
2 years, 5 months ago
According to this URL ListBucket will list the buckets, the question is after the objects in the bucket: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html
upvoted 1 times
ninomfr64
1 year, 9 months ago
The s3:ListBucket permission allows the user to use the Amazon S3 GET Bucket (List Objects) operation https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html
upvoted 1 times
...
...
michaldavid
2 years, 6 months ago
Selected Answer: B
BBBBBBB
upvoted 1 times
...
dark_cherrymon
2 years, 6 months ago
Selected Answer: B
B i was kinda looking at D, but the account number thing didn't ring a bell
upvoted 2 times
...
ManasChuri
2 years, 6 months ago
Selected Answer: A
Event though we should follow least privilege, but s3:listbucket will help list the bucket but not the objects.
upvoted 2 times
thesagarmahajan
2 years, 3 months ago
https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html#:~:text=the%20s3%3AListBucket%20permission%20allows%20the%20user%20to%20use%20the%20Amazon%20S3%20GET%20Bucket%20(List%20Objects)%20operation
upvoted 3 times
...
thuyeinaung
2 years, 5 months ago
I had a same thought with you but when I checked the documentation ⇒ "s3:ListBucket permission allows the user to use the Amazon S3 GET Bucket (List Objects) operation"
upvoted 3 times
...
...
habros
2 years, 8 months ago
Selected Answer: B
B. least principle of privilege, so no s3:*. to view all files in bucket, s3:listbucket is sufficient
upvoted 2 times
...
Chhotu_DBA
2 years, 9 months ago
Selected Answer: B
B is correct
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel