AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company wants to identify Amazon S3 buckets that are shared with another AWS account. Which AWS service or feature will meet these requirements?
Real Exam
Community
RRitesh
A
AWS Lake Formation
B
IAM credential report
C
Amazon CloudWatch
D
IAM Access Analyzer
Explanation:
IAM Access Analyzer is the correct service for identifying Amazon S3 buckets that are shared with another AWS account. Here's why:
IAM Access Analyzer Features:
-
Resource Analysis: Helps identify resources (like S3 buckets) that are shared with an external entity
-
Cross-Account Access Detection: Specifically designed to find resources accessible from outside your AWS account
-
Security Best Practices: Part of AWS security services that help maintain least-privilege access
Why Other Options Are Incorrect:
-
AWS Lake Formation: Used for building, securing, and managing data lakes, not for identifying cross-account access
-
IAM Credential Report: Provides information about IAM users and their credentials, not resource sharing
-
Amazon CloudWatch: Used for monitoring and observability, not for identifying cross-account resource access
IAM Access Analyzer continuously monitors your AWS environment and alerts you when resources are shared with external entities, making it the ideal choice for this security requirement.
Comments
Loading comments...