An online web application stores its product catalog in an S3 bucket named DOC-EXAMPLE-BUCKET. The application requires IAM policy permissions to list and download catalog objects. Identify the policy providing the least privilege necessary for these operations.