1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Associate
  5. SAA-C03 Discussions
  6. SAA-C03 Exam Topic 2 Question 12 Discussion

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 12 Topic 2 Discussion

 Amazon Web Services Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 12 Topic 2 Discussion

SAA-C03 Exam Topic 2 Question 12 Discussion:
Question #: 12
Topic #: 2

A company has Amazon EC2 instances in multiple AWS Regions. The instances all store and retrieve confidential data from the same Amazon S3 bucket. The company wants to improve the security of its current architecture.

The company wants to ensure that only the Amazon EC2 instances within its VPC can access the S3 bucket. The company must block all other access to the bucket.

Which solution will meet this requirement?
A.

Use IAM policies to restrict access to the S3 bucket.

B.

Use server-side encryption (SSE) to encrypt data in the S3 bucket at rest. Store the encryption key on the EC2 instances.

C.

Create a VPC endpoint for Amazon S3. Configure an S3 bucket policy to allow connections only from the endpoint.

D.

Use AWS Key Management Service (AWS KMS) with customer-managed keys to encrypt the data before sending the data to the S3 bucket.

Get Premium SAA-C03 Questions
Actual exam question for Amazon Web Services SAA-C03 exam by Sage917 at Aug 2, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next