PrepAway - Latest Free Exam Questions & Answers

What does this policy define?

A sys admin has created the below mentioned policy and applied to an S3 object named aws.jpg. The aws.jpg is inside
a bucket named cloudacademy. What does this policy define?
“Statement”: [{
“Sid”: “Stmt1388811069831”,

“Effect”: “Allow”,
“Principal”: { “AWS”: “*”},
“Action”: [ “s3:GetObjectAcl”, “s3:ListBucket”, “s3:GetObject”],
“Resource”: [ “arn:aws:s3:::cloudacademy/*.jpg”]
}]

PrepAway - Latest Free Exam Questions & Answers

A.
It is not possible to define a policy at the object level

B.
It will make all the objects of the bucket cloudacademy as public

C.
It will make the bucket cloudacademy as public

D.
the aws.jpg object as public

Explanation:
A system admin can grant permission to the S3 objects or buckets to any user or make objects public using the bucket
policy and user policy. Both use the JSON-based access policy language. Generally if the user is defining the ACL on
the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined at the bucket
level which allows the objects as well as the bucket to be public with a single policy applied to that bucket. It cannot be
applied at the object level.

2 Comments on “What does this policy define?


Leave a Reply

Your email address will not be published. Required fields are marked *