Which features can be used to restrict access to data in S3? Choose 2 answers
A.
Set an S3 Bucket policy.
B.
Enable IAM Identity Federation.
C.
Set an S3 ACL on the bucket or the object.
D.
Create a CloudFront distribution for the bucket
E.
Use S3 Virtual Hosting
A & C
I have the same idea. BC
A C
A, C
https://aws.amazon.com/s3/faqs/
AC
AC
Answer:
A. Set an S3 Bucket policy.
C. Set an S3 ACL on the bucket or the object.
“Customers may use four mechanisms for controlling access to Amazon S3 resources: Identity and Access Management (IAM) policies, bucket policies, Access Control Lists (ACLs) and query string authentication.”
https://aws.amazon.com/s3/faqs/
AC
AC
A, C.
https://aws.amazon.com/s3/faqs
Q: How can I control access to my data stored on Amazon S3?
Customers may use four mechanisms for controlling access to Amazon S3 resources: Identity and Access Management (IAM) policies, bucket policies, Access Control Lists (ACLs) and query string authentication
But you can creat a cloudfront custom origin to restrict access to the s3 bucket.
Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content
Note
You can also restrict access to content on a custom origin by using custom headers. For more information, see Using Custom Headers to Restrict Access to Your Content on a Custom Origin.
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
B & C
http://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html
A & C
B AND C
A & C
You can set up access control to buckets using:
1) Bucket Policies (applied to the entire bucket)
2) ACLs (for more granularity: Can be for individual objects)
A&C
http://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html
AC