New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free AWS Certified Developer Associate DVA-C02 Practice Question

An application deployed on AWS requires the ability to perform read operations on objects within a specific Amazon S3 bucket and write logs to a different S3 bucket. Which IAM policy statement adheres most closely to the principle of least privilege?

  • Allow 's3:*' on the ARN of both the input and output buckets.

  • Allow 's3:GetObject' on all resources using a wildcard (*) and 's3:PutObject' on the ARN of the output bucket.

  • Allow 's3:GetObject' on the ARN of the input bucket and 's3:PutObject' on any resource using a wildcard (*).

  • Allow 's3:GetObject' on the ARN of the input bucket and 's3:PutObject' on the ARN of the output bucket.

This question's topic:
AWS Certified Developer Associate DVA-C02 / 
Security
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Pass using Crucial? Post on Social Media and get a $15 Account Credit! Rules apply. Hide these