A solutions architect is tasked with ensuring a secure method for a team of cloud engineers to upload objects into an Amazon S3 bucket using the AWS CLI. Each engineer has an IAM user, IAM access keys, and a virtual MFA device. The IAM users are part of an S3-access group, and MFA is mandatory for any actions in Amazon S3. What solution meets these security requirements?

Exam-Like

Attach a policy to the S3 bucket to prompt for an MFA code during actions by the IAM user, and use IAM access keys with the AWS CLI to interact with Amazon S3.

14.3%

Update the S3-access group's trust policy to require MFA for assuming the group, and use IAM access keys with the AWS CLI to interact with Amazon S3.

28.6%

Attach a policy to the S3-access group to deny all S3 actions without MFA, and use IAM access keys with the AWS CLI to interact with Amazon S3.

14.3%

Attach a policy to the S3-access group to deny all S3 actions without MFA, request temporary credentials from AWS STS, and use these credentials in a profile referenced by Amazon S3 during user actions.

42.9%

AWS Certified Solutions Architect - Professional

Get started today

Comments