AWS Certified SysOps Administrator – Associate (legacy) — Question 85

A root account owner has created an S3 bucket testmycloud. The account owner wants to allow everyone to upload the objects as well as enforce that the person who uploaded the object should manage the permission of those objects. Which is the easiest way to achieve this?

Answer options

• A. The root account owner should create a bucket policy which allows the IAM users to upload the object
• B. The root account owner should create the bucket policy which allows the other account owners to set the object policy of that bucket
• C. The root account should use ACL with the bucket to allow everyone to upload the object
• D. The root account should create the IAM users and provide them the permission to upload content to the bucket

Correct answer: C

Explanation

Using ACLs (Access Control Lists) with the bucket is the most straightforward method to allow public uploads while also granting the uploader control over their object permissions. The other options involve creating bucket policies or IAM users, which are more complex and do not directly provide the required permissions for everyone to upload objects easily.