🔥 3-day streak
AWS Certified Security - Specialty116 / 157
Question 116 of 157

A company's data-analytics account (111111111111) needs read-only access to a specific prefix (reports/) in an S3 bucket owned by the reporting account (222222222222). Security requires that access be granted with least privilege and that credentials never leave AWS. The bucket has no public access and object ownership is set to bucket-owner-enforced (ACLs disabled). Which combination of policies correctly grants this access?

Reviewed for accuracy · Report an issueNext question