Answer-first summary for fast verification
Answer: Using pre-signed URL
Overall explanation Correct option: "Using pre-signed URL" All objects by default are private, with object owner having permission to access the objects. However, the object owner can optionally share objects with others by creating a pre-signed URL, using their own security credentials, to grant time-limited permission to download the objects. When you create a pre-signed URL for your object, you must provide your security credentials, specify a bucket name, an object key, specify the HTTP method (GET to download the object) and expiration date and time. The pre-signed URLs are valid only for the specified duration.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You're a developer responsible for maintaining a web application built using .NET. This application currently accesses public objects stored in an S3 bucket via public URLs. During a code review, a colleague pointed out that referencing S3 objects publicly is not advisable, especially since some of these objects contain private data. Following this feedback, the S3 bucket's access permissions were changed to private, resulting in loss of access to those objects.
To address this, you aim to design a solution that allows selective access to certain objects within the S3 bucket, governed by a time-limited policy.
Which of the following options will allow restricted access to these private objects?
A
Using Routing Policy
B
Using IAM policy
C
Using bucket policy
D
Using pre-signed URL
No comments yet.