AmazonAmazon
SAA-C03 · Question #687
SAA-C03 Question #687: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #687. The question stem and answer options stay visible for context.
Submitted by weili_xi· Mar 4, 2026Design Secure Architectures
Question
A company is storing sensitive user information in an Amazon S3 bucket. The company wants to provide secure access to this bucket from the application tier running on Amazon EC2 instances inside a VPC. Which combination of steps should a solutions architect take to accomplish this? (Choose two.)
Options
- AConfigure a VPC gateway endpoint for Amazon S3 within the VPC
- BCreate a bucket policy to make the objects to the S3 bucket public
- CCreate a bucket policy that limits access to only the application tier running in the VPC
- DCreate an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance
- ECreate a NAT instance and have the EC2 instances use the NAT instance to access the S3
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.