🔥 3-day streak
AWS Certified DevOps Engineer - Professional120 / 204
Question 120 of 204

A company must ensure that no S3 bucket in its production account ever allows public read access. The security team wants an automated, event-driven mechanism that detects when a bucket becomes publicly readable and immediately reverts it to a private (blocked) state without any human intervention. The solution should also produce an audit trail of both the violation and the remediation action. Which approach best meets these requirements with the least custom code?

Reviewed for accuracy · Report an issueNext question