SAA-C03 Question #328: Real Exam Question with Answer & Explanation

Question

A company uses a single Amazon S3 bucket to store data that multiple business applications must access. The company hosts the applications on Amazon EC2 Windows instances that are in a VPC. The company configured a bucket policy for the S3 bucket to grant the applications access to the bucket. The company continually adds more business applications to the environment. As the number of business applications increases, the policy document becomes more difficult to manage. The S3 bucket policy document will soon reach its policy size quota. The company needs a solution to scale its architecture to handle more business applications. Which solution will meet these requirements in the MOST operationally efficient way?

Options

• AMigrate the data from the S3 bucket to an Amazon Elastic File System (Amazon EFS) volume.
• BDeploy an AWS Storage Gateway appliance for each application. Reconfigure the applications to
• CCreate a new S3 bucket for each application. Configure S3 replication to keep the new buckets
• DCreate an S3 access point for each application. Instruct application owners to use their respective

Explanation

Amazon S3 Access Points simplify managing data access for shared datasets in S3 by allowing the creation of distinct access policies for different applications or users. Each access point has its own policy and can be managed independently. This method avoids overloading a single bucket policy and helps remain within policy size limits. Option D provides a scalable and operationally efficient solution by offloading individual access controls from a central bucket policy to individually managed access points, which is ideal for environments with many consuming applications.

No community discussion yet for this question.