SAA-C03 · Question #400
SAA-C03 Question #400: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #400. The question stem and answer options stay visible for context.
Question
A company runs an application as a task in an Amazon Elastic Container Service (Amazon ECS) cluster. The application must have read and write access to a specific group of Amazon S3 buckets. The S3 buckets are in the same AWS Region and AWS account as the ECS cluster. The company needs to grant the application access to the S3 buckets according to the principle of least privilege. Which combination of solutions will meet these requirements? (Select TWO.)
Options
- AAdd a tag to each bucket. Create an IAM policy that includes a StringEquals condition that
- BCreate an IAM policy that lists the full Amazon Resource Name (ARN) for each S3 bucket.
- CAttach the IAM policy to the instance role of the ECS task.
- DCreate an IAM policy that includes a wildcard Amazon Resource Name (ARN) that matches all
- EAttach the IAM policy to the task role of the ECS task.
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.