-
List actions in S3 do not allow downloading?
updated 3 weeks, 3 days ago
2 Members
·
4
Posts
-
Category: CSAP – Design for New Solutions
A startup currently runs a web application on an extra-large Amazon EC2 instance. The application allows users to upload and download various pdf files from a private Amazon S3 bucket using a pre-signed URL. The web application checks if the file being requested actually exists in the S3 bucket before generating the URL.
In this scenario, how should the solutions architect configure the web application to access the Amazon S3 bucket securely?
List actions in S3 are not Get actions, List actions don’t allow you to Download so how can this answer A be correct? The only option that would work is to have access keys on the instance answer D.
In this question the problem is accessing the S3 bucket securely, not the security of the EC2 instance, so having the keys on the instance is not really as relevant if the supposed correct answer does not allow downloading of the pdf files as is stated in the question.
-
This discussion was modified 3 weeks, 4 days ago by
Keiran McManus.
-
This discussion was modified 3 weeks, 4 days ago by
-
Hello Keiran McManus,
The first option appears to be the most accurate, as it involves creating an IAM role with the necessary permissions (such as listing and uploading objects) for the EC2 instance. To securely download various PDF files from a private Amazon S3 bucket, the scenario specifically mentions using pre-signed URLs. These URLs grant temporary and secure access to the objects stored in the S3 bucket.
Hope this helps! Let us know if you need further clarification.
Regards,
JR @ Tutorials Dojo-
Ok, that makes more sense.
-
No worries, Keiran McManus! If you have any more questions, feel free to ask.
-
-
Log in to reply.