🔥 3-day streak
AWS Certified Security - Specialty168 / 184
Question 168 of 184

A company is building a mobile application that lets users upload photos to a personal S3 prefix (e.g., uploads/<user-id>/). Users authenticate with their existing Google accounts. The security team requires that each authenticated user can only read and write objects under their own prefix, and that no long-term AWS credentials are embedded in the mobile app. Which approach meets these requirements?

Reviewed for accuracy · Report an issueNext question