CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A company with multiple organizational accounts needs to provide its data analytics team, which operates in a dedicated account, with read-only access to specific object prefixes within a storage service managed by another account. What is the most secure way to configure this access?

  • Craft a resource-based policy on the storage buckets to grant read privileges on the specified object prefixes to the analytics team's account.

  • Utilize key management service policies to allow analytics team's data processing applications to decrypt read-access data.

  • Attach managed policies to the analytics team's user accounts that specify read permissions on the object prefixes in the storage service.

  • Deploy network access control lists to enable selective object prefix traffic from the analytics team's account to the storage service.

This question's topic:
AWS Certified Solutions Architect Associate SAA-C03 / 
Design Secure Architectures
Your Score:
Design Secure Architectures
Design Resilient Architectures
Design High-Performing Architectures
Design Cost-Optimized Architectures