Explanation:
The correct answer is D. The IAM policy written for the S3 bucket allows access to all objects in the 'DOC-EXAMPLE-BUCKET' bucket except for objects that start with 'secrets'. This means the policy provides s3:GetObject and s3:PutObject access to the specified bucket while explicitly denying access to objects that have a prefix of 'secrets'.
Ultimate access to all questions.
No comments yet.
An IAM policy has been defined for access to an Amazon S3 bucket. Determine the specific access permissions granted for the s3:GetObject and s3:PutObject actions within the policy.
A
All bucket access except for 'DOC-EXAMPLE-BUCKET'
B
Access to buckets beginning with 'DOC-EXAMPLE-BUCKET'
C
Access to all objects within 'DOC-EXAMPLE-BUCKET'
D
All object access in 'DOC-EXAMPLE-BUCKET' excluding those starting with 'secrets'