ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 167 - SOA-C02 discussion

Report
Export

A SysOps administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that has open access permissions. While discussing the issue with the bucket owner, the administrator realizes the S3 bucket is an origin for an Amazon CloudFront web distribution.

Which action should the administrator take to ensure that users access objects in Amazon S3 by using only CloudFront URLs?

A.
Encrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys (SSES3).
Answers
A.
Encrypt the S3 bucket content with Server-Side Encryption with Amazon S3-Managed Keys (SSES3).
B.
Create an origin access identity and grant it permissions to read objects in the S3 bucket.
Answers
B.
Create an origin access identity and grant it permissions to read objects in the S3 bucket.
C.
Assign an 1AM user to the CloudFront distribution and grant the user permissions in the S3 bucket policy.
Answers
C.
Assign an 1AM user to the CloudFront distribution and grant the user permissions in the S3 bucket policy.
D.
Assign an 1AM role to the CloudFront distribution and grant the role permissions in the S3 bucket policy.
Answers
D.
Assign an 1AM role to the CloudFront distribution and grant the role permissions in the S3 bucket policy.
Suggested answer: B

Explanation:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-contentrestricting-access-to-s3.html

asked 16/09/2024
Shan Panikker
28 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first