SCS-C02 · Question #224
SCS-C02 Question #224: Real Exam Question with Answer & Explanation
The correct answer is C: Review the IAM policy by using AWS Identity and Access Management Access Analyzer to. The issue is most likely related to the IAM policy that is attached to the role the application uses. AWS IAM Access Analyzer helps review and analyze the IAM policy to ensure it grants the correct permissions and is not overly restrictive. By reviewing the policy and validating
Question
A company has an application that needs to read objects from an Amazon S3 bucket. The company configures an IAM policy and attaches the policy to an IAM role that the application uses. When the application tries to read objects from the S3 bucket, the application receives AccessDenied errors. A security engineer must resolve this problem without decreasing the security of the S3 bucket or the application. Which solution will meet these requirements?
Options
- AAttach a resource policy to the S3 bucket to grant read access to the role.
- BLaunch a new deployment of the application in a different AWS Region. Attach the role to the
- CReview the IAM policy by using AWS Identity and Access Management Access Analyzer to
- DEnsure that the S3 Block Public Access feature is disabled on the S3 bucket. Review AWS
Explanation
The issue is most likely related to the IAM policy that is attached to the role the application uses. AWS IAM Access Analyzer helps review and analyze the IAM policy to ensure it grants the correct permissions and is not overly restrictive. By reviewing the policy and validating the application's role assumption, the security engineer can ensure that the IAM policy is correctly
Community Discussion
No community discussion yet for this question.