
As part of their project, a developer is tasked with securing several Amazon S3 buckets that are accessed by a large team of users within the organization. In a previous instance, an incorrect modification of a bucket policy led to the bucket being accessible to everyone, including individuals outside the organization.
Which AWS feature or service should the developer use to quickly identify and prevent similar security misconfigurations with minimal effort?
A. S3 Object Lock
B. Access Advisor feature on IAM console
C. S3 Analytics
D. IAM Access Analyzer
Explanation:
IAM Access Analyzer - AWS IAM Access Analyzer helps you identify the resources in your organization and accounts, such as Amazon S3 buckets or IAM roles, that are shared with an external entity. This lets you identify unintended access to your resources and data, which is a security risk.
You can set the scope for the analyzer to an organization or an AWS account. This is your zone of trust. The analyzer scans all of the supported resources within your zone of trust. When Access Analyzer finds a policy that allows access to a resource from outside of your zone of trust, it generates an active finding.