You Are Building a Large, Multi-Tenant SaaS (Software-As-A-Service) Application with a Component
You are building a large, multi-tenant SaaS (software-as-a-service) application with a component that fetches data to process from a customer-specific Amazon S3 bucket in their account. How should you ensure that your application follows security best practices and limits risk when fetching data from customer-owned Amazon S3 buckets?
A) Have users create an IAM user with a policy that grants read-only access to the Amazon S3 bucket required by your application, and store the corresponding access keys in an encrypted database that holds their account data.
B) Have users create a cross-account lAM role with a policy that grants read-only access to the Amazon S3 bucket required by your application to the AWS account ID running your production Sass application.
C) Have users create an Amazon S3 bucket policy that grants read-only access to the Amazon S3 bucket required by your application, and securely store the corresponding access keys in the database holding their account data.
D) Have users create an Amazon S3 bucket policy that grants read-only access to the Amazon S3 bucket required by your application and limits access to the public IP address of the SaaS application.
Correct Answer:
Verified
Q292: You have a fleet of Elastic Compute
Q293: You have been asked to use your
Q294: You manage a three-tier web application consisting
Q295: You run a SIP-based telephony application that
Q296: You have a high-traffic application running behind
Q298: Your application is currently running on Amazon
Q299: You have an application consisting of a
Q300: Your organization has decided to implement a
Q301: You run operations for a company that
Q302: You have an ASP.NET web application running
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents