AWS Certified SysOps Administrator – Associate (legacy) — Question 164

A root account owner has given full access of his S3 bucket to one of the IAM users using the bucket ACL. When the IAM user logs in to the S3 console, which actions can he perform?

Answer options

• A. He can just view the content of the bucket
• B. He can do all the operations on the bucket
• C. It is not possible to give access to an IAM user using ACL
• D. The IAM user can perform all operations on the bucket using only API/SDK

Correct answer: C

Explanation

The correct answer is C because AWS does not allow access to an IAM user through the use of bucket ACLs, which are meant for granting permissions to AWS accounts and not IAM users. Options A, B, and D are incorrect as they imply that IAM users can be granted access through ACLs, which is not possible.