AWS Certified Solutions Architect – Associate (SAA-C02) — Question 163

A company has multiple AWS accounts for various departments. One of the departments wants to share an Amazon S3 bucket with all other department.
Which solution will require the LEAST amount of effort?

Answer options

• A. Enable cross-account S3 replication for the bucket.
• B. Create a pre-signed URL for the bucket and share it with other departments.
• C. Set the S3 bucket policy to allow cross-account access to other departments.
• D. Create IAM users for each of the departments and configure a read-only IAM policy.

Correct answer: C

Explanation

The correct answer is C because updating the S3 bucket policy to allow cross-account access is straightforward and efficient for sharing access among multiple departments. Options A and D involve more complex setups with replication or user management, while B only provides temporary access via a pre-signed URL, which is not sustainable for ongoing departmental access.