SAA-C03 · Question #723
SAA-C03 Question #723: Real Exam Question with Answer & Explanation
Sign in or unlock SAA-C03 to reveal the answer and full explanation for question #723. The question stem and answer options stay visible for context.
Question
A company must give a small group of auditors read-only access to an Amazon S3 bucket that stores sensitive audit logs. The auditors will review the logs once each month. The company has provisioned an IAM user for each auditor. The company must use the following specifications: - The bucket remains private to the account - Credentials are temporary and rotate automatically - Access expires at the end of the monthly review period - All activity is traceable to individual users in AWS CloudTrail Which solution will meet these requirements?
Options
- AGenerate pre-signed URLs for the required objects that expire at the end of the review period.
- BCreate an IAM role with read-only S3 bucket access. Include a condition that allows auditors
- CAdd each auditor's IAM user to the bucket ACL with Read permissions. Remove each auditor's
- DEnable S3 static website hosting. Restrict access to each auditor's corporate IP address range by
Unlock SAA-C03 to see the answer
You've previewed enough free SAA-C03 questions. Unlock SAA-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.