Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 6 discussion

A retail company needs to provide a series of data files to another company, which is its business partner. These files are saved in an Amazon S3 bucket under Account A, which belongs to the retail company. The business partner company wants one of its IAM users, User_DataProcessor, to access the files from its own AWS account (Account B).
Which combination of steps must the companies take so that User_DataProcessor can access the S3 bucket successfully? (Choose two.)

  • A. Turn on the cross-origin resource sharing (CORS) feature for the S3 bucket in Account A.
  • B. In Account A, set the S3 bucket policy to the following:
  • C. In Account A, set the S3 bucket policy to the following:
  • D. In Account B, set the permissions of User_DataProcessor to the following:
  • E. In Account B, set the permissions of User_DataProcessor to the following:
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
robertohyena
Highly Voted 1 month, 4 weeks ago
Answer: C & D Source: https://aws.amazon.com/premiumsupport/knowledge-center/cross-account-access-s3/ https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-walkthroughs-managing-access-example4.html
upvoted 32 times
...
higashikumi
Highly Voted 1 month, 4 weeks ago
C & D To allow User_DataProcessor to access the S3 bucket from Account B, the following steps need to be taken: In Account A, set the S3 bucket policy to allow access to the bucket from the IAM user in Account B. This is done by adding a statement to the bucket policy that allows the IAM user in Account B to perform the necessary actions (GetObject and ListBucket) on the bucket and its contents. In Account B, create an IAM policy that allows the IAM user (User_DataProcessor) to perform the necessary actions (GetObject and ListBucket) on the S3 bucket and its contents. The policy should reference the ARN of the S3 bucket and the actions that the user is allowed to perform. Note: turning on the cross-origin resource sharing (CORS) feature for the S3 bucket in Account A is not necessary for this scenario as it is typically used for allowing web browsers to access resources from different domains.
upvoted 19 times
...
Jorkaef
Most Recent 6 days, 5 hours ago
The correct combination of steps for this scenario are: C. In Account A, set the S3 bucket policy to the following: E. In Account B, set the permissions of User_DataProcessor to the following: Here's why these are the correct steps: Step C: The bucket policy in Account A (the retail company) needs to explicitly allow access to the IAM user from Account B (the business partner). This policy grants the necessary permissions to User_DataProcessor from Account B to access the S3 bucket in Account A. Step E: In Account B (the business partner's account), the IAM user User_DataProcessor needs to be granted permissions to access S3 resources. This IAM policy allows the user to perform the necessary S3 actions.
upvoted 1 times
...
TariqKipkemei
3 weeks, 1 day ago
Selected Answer: C
C & D. In Account A, set the S3 bucket policy to allow only 'User_DataProcessor' from Account B access. In Account B, set the permissions of User_DataProcessor to allow access to S3 bucket in Account A.
upvoted 1 times
...
85b5b55
3 weeks, 5 days ago
Answer: C & D
upvoted 1 times
...
atirado
1 month, 4 weeks ago
Selected Answer: C
Option A - CORS does not address cross-account access to S3 buckets Option B - This option would not work because the bucket policy is missing the Principal Option C - This option provides a valid S3 bucket policy that grants access to User_DataProcessor Option D - These permissions allow User_DataProcessor to get objects out of the bucket Option E - This option would not work because it is not a valid IAM policy
upvoted 1 times
...
amministrazione
2 months, 3 weeks ago
C. In Account A, set the S3 bucket policy to the following: D. In Account B, set the permissions of User_DataProcessor to the following:
upvoted 1 times
...
dEgYnIDA
4 months ago
Selected Answer: D
The question says Choose two. The answer is C & D.
upvoted 1 times
...
kpcert
5 months, 1 week ago
Selected Answer: C
Ans C and D 2 Options have to be selected
upvoted 1 times
...
kpcert
5 months, 1 week ago
Ans - C and D 2 Options have to be selected
upvoted 1 times
...
MoT0ne
8 months, 1 week ago
Selected Answer: C
Cross-Origin Resource Sharing (CORS) is a security feature in Amazon S3 that allows you to control access to your S3 resources from a different domain (origin) than the one serving the resources. CORS defines a way for client web applications running in one origin to interact with resources in a different origin, which is otherwise restricted by the same-origin policy enforced by web browsers.
upvoted 1 times
...
Dgix
8 months, 3 weeks ago
C and D.
upvoted 1 times
...
awsylum
8 months, 4 weeks ago
The answer is C and D. You need to give the IAM User in Account B an IAM Policy and you need to give a Bucket Policy in Account A. Who is maintaining this database of questions? Someone needs to seriously set the correct answers before making a lot of people confused and potentially screw up their exam.
upvoted 1 times
...
chelbsik
9 months, 2 weeks ago
Selected Answer: D
Correct answer: C and D Adding my vote for D to balance the result Moderator, please fix the vote in this ticket.
upvoted 2 times
...
ftaws
9 months, 3 weeks ago
why we need two steps? I think that we get only one from resource-based policy or identity-based policy.
upvoted 1 times
...
Vaibs099
10 months ago
Answer C & D
upvoted 1 times
...
shaaam80
11 months, 3 weeks ago
Selected Answer: C
Answer - C & D
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...