A root account owner has given full access of his S3 bucket to one of the IAM users using the bucket ACL. When the IAM user logs in to the S3 console, which actions can he perform?
A.
He can just view the content of the bucket
B.
He can do all the operations on the bucket
C.
It is not possible to give access to an IAM user using ACL
D.
The IAM user can perform all operations on the bucket using only API/SDK
Suggested Answer:C🗳️
Each AWS S3 bucket and object has an ACL (Access Control List) associated with it. An ACL is a list of grants identifying the grantee and the permission granted. The user can use ACLs to grant basic read/write permissions to other AWS accounts. ACLs use an Amazon S3ג€"specific XML schema. The user cannot grant permissions to other users (IAM users) in his account.
In AWS, IAM (Identity and Access Management) is the recommended way to manage access to AWS resources, including S3 buckets. IAM provides fine-grained control over permissions and allows administrators to define policies that specify what actions a user can perform on specific resources.
Bucket ACLs, on the other hand, are a legacy way of managing access control in S3 and are not designed to grant access to IAM users directly. Bucket ACLs are used to grant permissions to individual AWS accounts or predefined groups, but they do not work with IAM users.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
albert_kuo
4 months, 3 weeks agoFinger41
1 year, 4 months agoTroyMcLure
1 year, 12 months agoawscertified
2 years agokarmaah
2 years ago