🔥 3-day streak
AWS Certified Data Engineer - Associate144 / 159
Question 144 of 159

A data engineering team stores confidential financial datasets in an S3 bucket. Compliance requires that the data only be accessible from resources running inside the company's VPC, and never from the public internet or other AWS accounts, even if valid IAM credentials are presented. The team has already created a Gateway VPC endpoint for S3. Which approach enforces this requirement?

Reviewed for accuracy · Report an issueNext question