AWS Certified Solutions Architect – Associate (SAA-C02) — Question 164

A company needs to share an Amazon S3 bucket with an external vendor. The bucket owner must be able to access all objects.
Which action should be taken to share the S3 bucket?

Answer options

• A. Update the bucket to be a Requester Pays bucket.
• B. Update the bucket to enable cross-origin resource sharing (CORS).
• C. Create a bucket policy to require users to grant bucket-owner-full-control when uploading objects.
• D. Create an IAM policy to require users to grant bucket-owner-full-control when uploading objects.

Correct answer: C

Explanation

The correct answer is C because creating a bucket policy that requires users to grant bucket-owner-full-control ensures that the bucket owner can access all uploaded objects. Option A is incorrect as Requester Pays is related to cost management, not access permissions. Option B is irrelevant as CORS pertains to web applications, not object access. Option D is incorrect because IAM policies do not directly enforce permissions at the bucket level like bucket policies do.