What will happen in this scenario?

A bucket owner has allowed another account’s IAM users to upload or access objects in his
bucket. The IAM user of Account A is trying to access an object created by the IAM user of
account B. What will happen in this scenario?

A bucket owner has allowed another account’s IAM users to upload or access objects in his
bucket. The IAM user of Account A is trying to access an object created by the IAM user of
account B. What will happen in this scenario?

A.
It is not possible to give permission to multiple IAM users

B.
AWS S3 will verify proper rights given by the owner of Account A, the bucket owner as well as by
the IAM user B to the object

C.
The bucket policy may not be created as S3 will give error due to conflict of Access Rights

D.
It is not possible that the IAM user of one account accesses objects of the other IAM user

Explanation:
If a IAM user is trying to perform some action on an object belonging to another AWS user’s
bucket, S3 will verify whether the owner of the IAM user has given sufficient permission to him. It
also verifies the policy for the bucket as well as the policy defined by the object owner.
http://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-auth-workflow-objectoperation.html



Leave a Reply 0

Your email address will not be published. Required fields are marked *