PrepAway - Latest Free Exam Questions & Answers

Which methods ensure that all objects uploaded to the bucket are set to public read?

You need to configure an Amazon S3 bucket to serve static assets for your public-facing web application.
Which methods ensure that all objects uploaded to the bucket are set to public read? Choose 2 answers

PrepAway - Latest Free Exam Questions & Answers

A.
Set permissions on the object to public read during upload.

B.
Configure the bucket ACL to set all objects to public read.

C.
Configure the bucket policy to set all objects to public read.

D.
Use AWS Identity and Access Management roles to set the bucket to public read.

E.
Amazon S3 objects default to public read, so no action is needed.

20 Comments on “Which methods ensure that all objects uploaded to the bucket are set to public read?

  1. star says:

    B is Wrong:
    AC are correct.

    https://aws.amazon.com/articles/5050
    You can use ACLs to grant permissions to individual AWS accounts; however, it is strongly recommended that you do not grant public access to your bucket using an ACL.

    So the recommended approach is create bucket policy, but not ACL.

    Following link give you an example about how to make the bucket content public.
    http://docs.aws.amazon.com/AmazonS3/latest/dev/HostingWebsiteOnS3Setup.html#step2-add-bucket-policy-make-content-public




    0



    1
  2. kamleshj says:

    A and C

    B is Wrong as Below:

    The website shares only the objects in your bucket that are publicly readable. This does not require that you to add any grants to your bucket ACL to provide any public access permissions. Therefore, it is strongly recommended that you remove any public access grants in your bucket ACL so that your bucket is protected from a potentially malicious user performing operations like listing all your objects, modifying objects or changing your ACLs. Follow the steps in the preceding section to remove an ACL grant that identifies everyone or the authenticated users group as the grantee.




    0



    0
  3. Thakor says:

    The answer is B & D.
    B is for Access Control List for all objects read permission
    D is to create a role for S3ReadOnly policy




    1



    0
  4. rnatarajan says:

    Answer is A and C because:

    A. Set permissions on the object to public read during upload. ### This will ensure all objects are readable irrespective of Bucket ACL
    B. Configure the bucket ACL to set all objects to public read ### Bucket ACL configuration does not impact the Object read permission. You still have to individually set object read permission even if you set Bucket ACL to Read.
    C. Configure the bucket policy to set all objects to public read. ### Best method. This does not require you to set individual object permission for public access. All existing and new objects will automatically be public read enabled if you set the bucket policy right.

    D and E are wrong.




    0



    1

Leave a Reply

Your email address will not be published. Required fields are marked *