AWS Certified Developer – Associate (DVA-C02) — Question 119
A company moved some of its secure files to a private Amazon S3 bucket that has no public access. The company wants to develop a serverless application that gives its employees the ability to log in and securely share the files with other users.
Which AWS feature should the company use to share and access the files securely?
Answer options
- A. Amazon Cognito user pool
- B. S3 presigned URLs
- C. S3 bucket policy
- D. Amazon Cognito identity pool
Correct answer: B
Explanation
The correct answer is B, S3 presigned URLs, as they allow temporary access to private S3 objects for authenticated users. Option A, Amazon Cognito user pool, is for user management and authentication but does not provide file access directly. Option C, S3 bucket policy, controls access at the bucket level but does not facilitate sharing individual files, and Option D, Amazon Cognito identity pool, is used for granting access to AWS services but doesn't handle file sharing directly.