A company operates multiple VPCs in a single AWS account.

Amazon Web Services SAA-C03 Question Answer

A company operates multiple VPCs in a single AWS account. Account users need temporary access to Amazon S3 buckets. The S3 buckets are private and have no public endpoints.

The solution must follow the principle of least privilege for access to each environment and must avoid distributing permanent access keys.

Which solution will meet these requirements?

Create a gateway VPC endpoint for Amazon S3 in each VPC. Attach an endpoint policy that allows only environment-scoped IAM roles to access the S3 buckets.

Configure the S3 buckets to use SSE-S3. Create bucket policies that allow access only from the VPC CIDR blocks.

Define separate S3 access points for each environment. Allow users to assume a role associated with the access points. Use the default Amazon S3 endpoints.

Route S3 traffic through a NAT gateway. Configure bucket policies that allow traffic only from the NAT gateway’s public IP addresses.

Amazon Web Services SAA-C03 View All Questions

Amazon Web Services SAA-C03 Summary

Vendor: Amazon Web Services
Product: SAA-C03
Update on: May 18, 2026
Questions: 879

Price: $52.5 ~~$149.99~~

Buy Now SAA-C03 PDF + Testing Engine Pack

A company uses AWS CloudFormation to deploy IAM resources within accounts that AWS Control Tower...

An ecommerce company runs a multi-tier application on AWS.

Pre-Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company operates multiple VPCs in a single AWS account.

The Answer Is:

Explanation:

Amazon Web Services SAA-C03 Summary

Payments We Accept

Contact Us