Crucial Exams

AWS Certified Developer Associate DVA-C02 Practice Question

Your organization enforces a governance rule that only the central security team can create, update, or attach IAM policies. Developers cannot change identity-based or resource-based policies themselves. The development team must review configuration files stored in the S3 bucket named dev-configurations. What is the MOST secure way to grant the team the required read-only access while complying with the governance model and the principle of least privilege?

  • Attach the AWS-managed policy AmazonS3ReadOnlyAccess to the development team's IAM role.

  • Add an S3 bucket policy yourself that grants the development IAM users s3:GetObject permission on the bucket.

  • Open a ticket asking the security team to create a customer-managed policy granting s3:GetObject and s3:ListBucket on the dev-configurations bucket and attach it to the development group.

  • Create a permissions boundary for each developer that includes the required S3 actions.

AWS Certified Developer Associate DVA-C02
Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot