ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 394 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 394
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company has an application that stores data in an Amazon S3 bucket. In the same AWS account, the company deploys a new data analysis application on Amazon EC2 with an instance profile attached. The analysis application is able to get a list of S3 objects but is unable to read the data. The following IAM policy is attached to the instance role:



Which solution will give the analysis application the ability to read the data in the S3 bucket?

  • A. Add the s3:GetObjectVersion action to the list of actions in the policy that is attached to the instance role.
  • B. Add the following IAM policy to the instance role:


  • C. Create a bucket policy for the data bucket. Add the following statement to the bucket policy:


  • D. Update the application to write objects with the bucket-owner-full-control ACL.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by landsamboni at Dec. 1, 2022, 7:11 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ITGURU51
2 years ago
In this particular case, it is not necessary to create a new bucket policy since the IAM policy is not correct. The IAM policy needs the /* parameter.
upvoted 1 times
...
Nocky24
2 years, 4 months ago
B for sure. C is missing the Principal so is an invalid bucket policy.
upvoted 2 times
...
secdaddy
2 years, 4 months ago
B as the already attached IAM policy is missing /*
upvoted 2 times
...
tainh
2 years, 5 months ago
Selected Answer: B
B is answer https://aws.amazon.com/premiumsupport/knowledge-center/s3-instance-access-bucket/
upvoted 4 times
...
Isaias
2 years, 5 months ago
Selected Answer: B
B correct C incorrect, it does not have a Resource base policy format, It´s missing the Principal
upvoted 3 times
...
landsamboni
2 years, 5 months ago
Selected Answer: B
B. Add the following IAM policy to the instance role:
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago