Home › Forums › AWS › AWS Certified Security – Specialty › AWS Certified Security – Specialty Practice Exams 2020 – Question 56 – KMS root › Reply To: AWS Certified Security – Specialty Practice Exams 2020 – Question 56 – KMS root
-
I have another question.
“
A media company runs a Python script that uses the AWS CLI command aws s3 cp to upload a large file to an Amazon S3 bucket, which includes an AWS KMS key. An Access Denied error always shows up whenever their developers upload a file with a size of 10 GB or more. However, when they tried to upload a smaller file with the KMS key, the upload succeeds.
Which of the following are potential reasons why this issue is happening? (Select TWO.)”
You said that these are correct:
The AWS CLI S3 commands perform a multipart upload when the file is large.
The IAM policy of the developer does not include the kms:Decrypt permission.
However, they are able to decrypt smaller than 10gb so KMS:decrypt is not a solution, right?