Explanation:
Option A provides the minimal necessary permissions by explicitly allowing both listing (s3:ListBucket) and downloading (s3:GetObject) objects from the S3 bucket DOC-EXAMPLE-BUCKET. This ensures the application can perform the required operations without granting additional permissions that are not needed. Options B, C, and D either grant excessive permissions or fail to grant all necessary permissions, making them less secure or functional.
Ultimate access to all questions.
No comments yet.
An online web application stores its product catalog in an S3 bucket named DOC-EXAMPLE-BUCKET. The application requires IAM policy permissions to list and download catalog objects. Identify the policy providing the least privilege necessary for these operations.
A
A policy granting permissions to list and download from DOC-EXAMPLE-BUCKET.
B
A policy granting full access to DOC-EXAMPLE-BUCKET.
C
A policy granting permission to only list objects in DOC-EXAMPLE-BUCKET.
D
A policy granting permission to only download objects from DOC-EXAMPLE-BUCKET.