🔥 3-day streak
AWS Certified Solutions Architect - Associate104 / 150
Question 104 of 150

A financial services company stores confidential documents in an S3 bucket. Security requires that the bucket be accessible ONLY from resources inside the company's VPC, and never from the public internet, even if someone obtains valid IAM credentials. A VPC gateway endpoint for S3 has already been created. What should the solutions architect implement to enforce this requirement at the bucket level?

Reviewed for accuracy · Report an issueNext question →