A company collects 10 GB of telemetry data daily and stores it in an Amazon S3 bucket in a source data account. Several consulting agencies need read access to this data for analysis. The company must share the data from the source account using a solution that maximizes security and minimizes operational overhead. Which solution meets these requirements?
Choose an answer
Tap an option to check your answer.
Correct answer: Configure cross-account access for the S3 bucket to the accounts that the agencies own..
Why this is the answer
Configuring cross-account access for the S3 bucket to the agencies' accounts is the most secure and operationally efficient solution. This approach leverages S3 bucket policies or IAM roles to grant specific permissions directly to the agencies' AWS accounts, allowing them to access the data while maintaining control within the source account. This minimizes operational overhead because the company doesn't manage individual users for external entities, and agencies manage their own users and access within their accounts. S3 global tables are not a real AWS service. Making the S3 bucket public is a severe security risk and should never be done, even for a limited time. Setting up an IAM user for each analyst in the source data account creates significant operational overhead, as the company would be responsible for managing credentials and permissions for potentially many external users.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed