1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Associate
  5. SAA-C03 Discussions
  6. SAA-C03 Exam Topic 13 Question 127 Discussion

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 127 Topic 13 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 127 Topic 13 Discussion

SAA-C03 Exam Topic 13 Question 127 Discussion:
Question #: 127
Topic #: 13

A company stores data for multiple business units in a single Amazon S3 bucket that is in the company's payer AWS account. To maintain data isolation, the business units store data in separate prefixes in the S3 bucket by using an S3 bucket policy.

The company plans to add a large number of dynamic prefixes. The company does not want to rely on a single S3 bucket policy to manage data access at scale. The company wants to develop a secure access management solution in addition to the bucket policy to enforce prefix-level data isolation.
A.

Configure the S3 bucket policy to deny s3:GetObject permissions for all users. Configure the bucket policy to allow s3:* access to individual business units.

B.

Enable default encryption on the S3 bucket by using server-side encryption with Amazon S3 managed keys (SSE-S3).

C.

Configure resource-based permissions on the S3 bucket by creating an S3 access point for each business unit.

D.

Use pre-signed URLs to provide access to the S3 bucket.

Get Premium SAA-C03 Questions
Actual exam question for Amazon Web Services SAA-C03 exam by Jett6770 at Oct 23, 2025, 5:52:57 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next