A system admin is managing buckets, objects and folders with AWS S3. Which of the below
mentioned statements is true and should be taken in consideration by the sysadmin?
A.
The folders support only ACL
B.
Both the object and bucket can have an Access Policy but folder cannot have policy
C.
Folders can have a policy
D.
Both the object and bucket can have ACL but folders cannot have ACL
Explanation:
A sysadmin can grant permission to the S3 objects or the buckets to any user or make objects
public using the bucket policy and user policy. Both use the JSON-based access policy language.
Generally if user is defining the ACL on the bucket, the objects in the bucket do not inherit it and
vice a versa. The bucket policy can be defined at the bucket level which allows the objects as well
as the bucket to be public with a single policy applied to that bucket. It cannot be applied at the
object level. The folders are similar to objects with no content. Thus, folders can have only ACL
and cannot have a policy.
A
0
0
D: tried it practically folders dont have ACL.
0
0
D
0
0
D
http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html
Amazon S3 Access Control Lists (ACLs) enable you to manage access to buckets and objects. Each bucket and object has an ACL attached to it as a subresource. It defines which AWS accounts or groups are granted access and the type of access. When a request is received against a resource, Amazon S3 checks the corresponding ACL to verify the requester has the necessary access permissions.
0
0
D
0
0