A user is having access to objects of an S3 bucket which is not owned by him. If he is trying to set the objects of that
bucket public, which of the below mentioned options may be a right fit for this action?
A.
Make the bucket public with full access
B.
Define the policy for the bucket
C.
Provide ACL on the object
D.
Create an IAM user with permission
Explanation:
An S3 object ACL is the only way to manage access to objects which are not owned by the bucket owner. An AWS
account that owns the bucket can grant another AWS account permission to upload objects. The bucket owner does not
own these objects. The AWS account that created the object must grant permissions using object ACLs.
http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-alternatives-guidelines.html
C
C