A company hosts customer data in an Amazon S3 bucket.

Amazon Web Services SAA-C03 Question Answer

A company hosts customer data in an Amazon S3 bucket. The company wants to ensure that only specific applications that run on Amazon EC2 instances in a private subnet have access to the S3 bucket. The applications must not require long-term AWS access keys. The company needs to log all access to S3 objects for auditing purposes.

Which solution will meet these requirements?

Create an S3 bucket policy that allows access only from the private subnet ' s IP range. Configure each EC2 instance to use access keys that are stored in AWS Systems Manager Parameter Store. Configure Amazon S3 server access logging.

Create an IAM role that has access to the S3 bucket. Attach the IAM role to the EC2 instances. Update the bucket policy to allow access only for the role. Use AWS CloudTrail to log data events for the bucket.

Create an IAM user, an access key, and a secret key. Store the keys in AWS Secrets Manager. Configure the EC2 instances to retrieve the keys. Use AWS CloudTrail management events to track bucket access.

Create a gateway VPC endpoint for Amazon S3. Update the S3 bucket policy to allow access only through the endpoint. Attach an IAM role to the EC2 instances that has appropriate S3 permissions. Use VPC Flow Logs to track VPC endpoint activity.

Amazon Web Services SAA-C03 View All Questions

Amazon Web Services SAA-C03 Summary

Vendor: Amazon Web Services
Product: SAA-C03
Update on: May 18, 2026
Questions: 879

Price: $52.5 ~~$149.99~~

Buy Now SAA-C03 PDF + Testing Engine Pack

A company is designing a website that displays stock market prices to users.

A company is migrating mobile banking applications to run on Amazon EC2 instances in a...

Pre-Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company hosts customer data in an Amazon S3 bucket.

The Answer Is:

Explanation:

Amazon Web Services SAA-C03 Summary

Payments We Accept

Contact Us