PrepAway - Latest Free Exam Questions & Answers

Which methods ensure that all objects uploaded to the b…

You need to configure an Amazon S3 bucket to serve static assets for your public-facing web
application. Which methods ensure that all objects uploaded to the bucket are set to public
read? Choose 2 answers

PrepAway - Latest Free Exam Questions & Answers

A.
Set permissions on the object to public read during upload.

B.
Configure the bucket ACL to set all objects to public read.

C.
Configure the bucket policy to set all objects to public read.

D.
Use AWS Identity and Access Management roles to set the bucket to public read.

E.
Amazon S3 objects default to public read, so no action is needed.

Explanation:
https://aws.amazon.com/articles/5050
You can use ACLs to grant permissions to individual AWS accounts; however, it is strongly
recommended that you do not grant public access to your bucket using an ACL.
So the recommended approach is create bucket policy, but not ACL.
Following link give you an example about how to make the bucket content public.
http://docs.aws.amazon.com/AmazonS3/latest/dev/HostingWebsiteOnS3Setup.html#step2-
add-bucket-policy-make-content-public

3 Comments on “Which methods ensure that all objects uploaded to the b…

  1. Jake says:

    The question asks “Which methods ensure that all objects uploaded to the bucket are set to public read”, not “what is the best practice of securing your S3 files”. To me “B” is looking more appropriate than “A”.




    0



    6
  2. Vishnu Piskala says:

    The question does not asks about recommended approach. It is clearly possible to provide public access to all the objects in a bucket using ACL:https://docs.aws.amazon.com/AmazonS3/latest/user-guide/set-bucket-permissions.html

    Public access

    To grant access to your bucket to the general public (everyone in the world), under Public access, choose Everyone. Granting public access permissions means that anyone in the world can access the bucket.

    So the answer is B and C




    1



    5

Leave a Reply to Andrew Cancel reply

Your email address will not be published. Required fields are marked *