
Answer-first summary for fast verification
Answer: Set up a VPC endpoint for Amazon S3; Restrict S3 bucket access to the VPC application tier.
To secure access to the S3 bucket from EC2 instances within a VPC, the most appropriate solutions are: 1) Setting up a VPC gateway endpoint (Option A), which ensures secure and private connectivity to S3 without needing a public IP or traversing the internet. 2) Creating a bucket policy that limits access to only the application tier running in the VPC (Option C), which ensures that only the designated application has permissions to access the sensitive data in the S3 bucket. Options B, D, and E do not provide the necessary security or are not the most efficient methods for this scenario.
Author: LeetQuiz Editorial Team
How should a solutions architect secure access to an Amazon S3 bucket containing sensitive user information from an application tier within a VPC?
A. Set up a VPC endpoint for Amazon S3.
B. Make S3 bucket objects publicly accessible.
C. Restrict S3 bucket access to the VPC application tier.
D. Assign IAM user with S3 access policy to EC2 instances.
E. Utilize a NAT instance for EC2 instances to access the S3 bucket.