Amazon Web Services AWS Certified Solutions Architect - Associate (SAA-C03) SAA-C03 Question # 25 Topic 3 Discussion

SAA-C03 Exam Topic 3 Question 25 Discussion:
Question #: 25
Topic #: 3

A company hosts customer data in an Amazon S3 bucket. The company wants to ensure that only specific applications that run on Amazon EC2 instances in a private subnet have access to the S3 bucket. The applications must not require long-term AWS access keys. The company needs to log all access to S3 objects for auditing purposes.

Which solution will meet these requirements?

A. Create an S3 bucket policy that allows access only from the private subnet's IP range. Configure each EC2 instance to use access keys that are stored in AWS Systems Manager Parameter Store. Configure Amazon S3 server access logging.

B. Create an IAM role that has access to the S3 bucket. Attach the IAM role to the EC2 instances. Update the bucket policy to allow access only for the role. Use AWS CloudTrail to log data events for the bucket.

C. Create an IAM user, an access key, and a secret key. Store the keys in AWS Secrets Manager. Configure the EC2 instances to retrieve the keys. Use AWS CloudTrail management events to track bucket access.

D. Create a gateway VPC endpoint for Amazon S3. Update the S3 bucket policy to allow access only through the endpoint. Attach an IAM role to the EC2 instances that has appropriate S3 permissions. Use VPC Flow Logs to track VPC endpoint activity.
