A system admin is managing buckets, objects and folders with AWS S3. Which of the below mentioned
statements is true and should be taken in consideration by the sysadmin?
A.
The folders support only ACL
B.
Both the object and bucket can have an Access Policy but folder cannot have policy
C.
Folders can have a policy
D.
Both the object and bucket can have ACL but folders cannot have ACL
Explanation:
A sysadmin can grant permission to the S3 objects or the buckets to any user or make objects public using the
bucket policy and user policy. Both use the JSON-based access policy language. Generally if user is defining the
ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined
at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to
that bucket. It cannot be applied at the object level. The folders are similar to objects with no content. Thus,
folders can have only ACL and cannot have a policy.