A sys admin has created the below mentioned policy and applied to an S3 object named aws.jpg. The aws.jpg is inside a bucket named cloudacademy.
What does this policy define?
A . It is not possible to define a policy at the object level
B . It will make all the objects of the bucket cloudacademy as public
C . It will make the bucket cloudacademy as public
D . the aws.jpg object as public
Answer: A
Explanation:
A system admin can grant permission to the S3 objects or buckets to any user or make objects public using the bucket policy and user policy. Both use the JSON-based access policy language. Generally, if the user is defining the ACL on the bucket, the objects in the bucket do not inherit it and vice a versa. The bucket policy can be defined at the bucket level which allows the objects as well as the bucket to be public with a single policy applied to that bucket. It cannot be applied at the object level.
Leave a Reply