SCS-C02 · Question #134
SCS-C02 Question #134: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #134. The question stem and answer options stay visible for context.
Question
A security engineer needs to create an Amazon S3 bucket policy to grant least privilege read access to IAM user accounts that are named User1, User2, and User3. These IAM user accounts are members of the AuthorizedPeople IAM group. The security engineer drafts the following S3 bucket policy: When the security engineer tries to add the policy to the S3 bucket, the following error message appears: "Missing required field Principal." The security engineer is adding a Principal element to the policy. The addition must provide read access to only User1, User2, and User3. Which solution meets these requirements? A. B. C. D.
Options
- A"Principal": { "AWS": [ "arn:aws:iam::1234567890:user/User1", "arn:aws:iam::1234567890:user/User2", "arn:aws:iam::1234567890:user/User3" ] }
- B"Principal": { "AWS": [ "arn:aws:iam::1234567890:root" ] }
- C"Principal": { "AWS": [ "*" ] }
- D"Principal": { "AWS": "arn:aws:iam::1234567890:group/AuthorizedPeople" }
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.