AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
Company A, with an AWS account named Account A, has recently acquired Company B, which has an AWS account named Account B. Company B stores its data in an Amazon S3 bucket. To facilitate the acquisition, administrators need to grant a user from Account A full access to the S3 bucket in Account B. Despite configuring the necessary IAM permissions for the user in Account A, the user is unable to access the files in the S3 bucket. What solution should be implemented to resolve this access issue?
Explanation:
The correct answer is C. In Account B, a bucket policy should be created to allow the user from Account A to access the S3 bucket in Account B. Bucket policies are the recommended way to manage access to S3 buckets across multiple AWS accounts because they provide a centralized approach to manage permissions and can specify permissions for the entire bucket. Other options, such as bucket ACLs and object ACLs, are less robust and more difficult to manage for this scenario.