Which features can be used to restrict access to data in S3?

Which features can be used to restrict access to data in S3? Choose 2 answers

A.
Set an S3 ACL on the bucket or the object.

B.
Create a CloudFront distribution for the bucket.

C.
Set an S3 bucket policy.

D.
Enable IAM Identity Federation

E.
Use S3 Virtual Hosting

Explanation:

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-accessto-s3.html

Show Hint

← Previous question

Next question →

Leave a Reply 15

A, C
Q: How secure is my data?

Amazon S3 is secure by default. Only the bucket and object owners originally have access to Amazon S3 resources they create. Amazon S3 supports user authentication to control access to data. You can use access control mechanisms such as bucket policies and Access Control Lists (ACLs) to selectively grant permissions to users and groups of users. You can securely upload/download your data to Amazon S3 via SSL endpoints using the HTTPS protocol. If you need extra security you can use the Server Side Encryption (SSE) option or the Server Side Encryption with Customer-Provide Keys (SSE-C) option to encrypt data stored-at-rest. Amazon S3 provides the encryption technology for both SSE and SSE-C. Alternatively you can use your own encryption libraries to encrypt data before storing it in Amazon S3.
Source: https://aws.amazon.com/s3/faqs/

hello

A, C and D are potentially correct

mutiger91

D doesn’t directly do anything related to assigning permissions to an object or bucket. It could be your identity solution, but you would still have to do A or C in conjunction.

networkmanagers

I choose AC

onmax

A,C is the correct answer

kamleshj

Customers may use four mechanisms for controlling access to Amazon S3 resources: Identity and Access Management (IAM) policies, bucket policies, Access Control Lists (ACLs) and query string authentication

sean

i go with C,D

engmohhamed

Mayur

A & C

duleendra

Ash

AC …stating from acloud guru:
“You can setup access control to your bucket using:
Bucket Policies
ACL ”

https://acloud.guru/course/aws-certified-solutions-architect-associate/learn/storage/security-and-encryption/watch
(forward to 1:10)

ramakrishna

A and C

noorani khan

AC
http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html

deathless

tarek

answer is AC

https://aws.amazon.com/s3/faqs/

Q: How can I control access to my data stored on Amazon S3?
Customers may use four mechanisms for controlling access to Amazon S3 resources: Identity and Access Management (IAM) policies, bucket policies, Access Control Lists (ACLs) and query string authentication. …