Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 10 Topic 2 Discussion

SAA-C03 Exam Topic 2 Question 10 Discussion:
Question #: 10
Topic #: 2

A company operates multiple VPCs in a single AWS account. Account users need temporary access to Amazon S3 buckets. The S3 buckets are private and have no public endpoints.

The solution must follow the principle of least privilege for access to each environment and must avoid distributing permanent access keys.

Which solution will meet these requirements?


A. Create a gateway VPC endpoint for Amazon S3 in each VPC. Attach an endpoint policy that allows only environment-scoped IAM roles to access the S3 buckets.

B. Configure the S3 buckets to use SSE-S3. Create bucket policies that allow access only from the VPC CIDR blocks.

C. Define separate S3 access points for each environment. Allow users to assume a role associated with the access points. Use the default Amazon S3 endpoints.

D. Route S3 traffic through a NAT gateway. Configure bucket policies that allow traffic only from the NAT gateway’s public IP addresses.

