AWS Certified Developer Associate DVA-C02 Practice Question
A development team needs to allow an external consultant's account to access a specific Amazon S3 bucket to store and retrieve files essential for a joint project. The external consultant should not be given user credentials within the team's AWS account. What type of policy should the development team attach to the S3 bucket to allow access directly to the bucket itself?
Service control policy (SCP)
Resource-based policy (e.g., S3 bucket policy)
Identity-based policy attached to a user
IAM group policy