A developer is writing a web application that must share secure documents with end users. The documents are stored in a private Amazon S3 bucket. The application must allow only authenticated users to download specific documents when requested, and only for a duration of 15 minutes.
How can the developer meet these requirements?
A . Copy the documents to a separate S3 bucket that has a lifecycle policy for deletion after 15 minutes.
B . Create a presigned S3 URL using the AWS SDK with an expiration time of 15 minutes.
C . Use server-side encryption with AWS KMS managed keys (SSE-KMS) and download the documents using HTTP
E . Modify the S3 bucket policy to only allow specific users to download the documents. Revert the change after 15 minutes.
Answer: B
Explanation:
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/secure-s3-resources/
Leave a Reply