ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 110 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 110
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company is providing read access to objects in an Amazon S3 bucket for different customers. The company uses IAM permissions to restrict access to the S3 bucket. The customers can access only their own files.

Due to a regulation requirement, the company needs to enforce encryption in transit for interactions with Amazon S3.

Which solution will meet these requirements?

  • A. Add a bucket policy to the S3 bucket to deny S3 actions when the aws:SecureTransport condition is equal to false.
  • B. Add a bucket policy to the S3 bucket to deny S3 actions when the s3:x-amz-acl condition is equal to public-read.
  • C. Add an IAM policy to the IAM users to enforce the usage of the AWS SDK.
  • D. Add an IAM policy to the IAM users that allows S3 actions when the s3:x-amz-acl condition is equal to bucket-owner-read.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by MrTee at April 22, 2023, 6:23 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MrTee
Highly Voted 1 year, 6 months ago
Selected Answer: A
This solution enforces encryption in transit for interactions with Amazon S3 by denying access to the S3 bucket if the request is not made over an HTTPS connection. This condition can be enforced by using the "aws:SecureTransport" condition key in a bucket policy.
upvoted 19 times
jipark
1 year, 2 months ago
'in transit' = SSL Secure Transport
upvoted 2 times
...
...
sumanshu
Most Recent 4 months ago
Selected Answer: A
By adding a bucket policy that denies S3 actions when the aws:SecureTransport condition is false, you ensure that only requests made over HTTPS are allowed. The condition aws:SecureTransport checks if the request was made using a secure transport (HTTPS). B) Eliminated - s3:x-amz-acl condition relates to access control lists (ACLs) for the objects C) Enforcing the usage of the AWS SDK does not guarantee encryption in transit. D) Eliminated - The bucket-owner-read ACL allows the bucket owner to read the objects, but it does not enforce secure communication
upvoted 1 times
...
65703c1
5 months ago
Selected Answer: A
A is the correct answer.
upvoted 1 times
...
loctong
1 year, 5 months ago
Selected Answer: A
To enforce encryption in transit for interactions with Amazon S3, you can add a bucket policy to the S3 bucket that denies S3 actions when the aws:SecureTransport condition is equal to false. This condition checks whether the requests to S3 are made over a secure (HTTPS) connection.
upvoted 3 times
...
rlnd2000
1 year, 5 months ago
Selected Answer: A
https://repost.aws/knowledge-center/s3-bucket-policy-for-config-rule
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago