🔥 3-day streak
AWS Certified CloudOps Engineer - Associate108 / 159
Question 108 of 159
A CloudOps engineer configures an S3 bucket to store CloudTrail logs and enables SSE-KMS encryption using a customer managed KMS key. After enabling the trail, CloudTrail fails to deliver logs and reports an insufficient permissions error when writing to the bucket. The bucket policy already grants the CloudTrail service principal s3:PutObject. What is the MOST likely cause and correct fix?
Reviewed for accuracy · Report an issueNext question