An HR Firm is planning to use Access Point to manage access to many objects stored in Amazon S3 buckets.
Creating an Access Point ARN as below will represent which objects to be accessed? arn:aws:s3:us-east-2:123456789012:accesspoint/test/object/unit-05/hr/*
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - D.
Amazon S3 Access Points can be created to provide access to a large number of objects in Amazon S3 buckets.
Access Points ARN has format as below.
arn:aws:s3:region:account-id:accesspoint/access-point-name/object/resource.
In the above case, the access point name is test & the resource is unit-05/hr.
Option A is incorrect as the object is key word & not a part of the prefix name.
Prefix name is /unit-05/hr/.
Option B & C are incorrect as the test is the name of the access point & not a bucket name.
For more information on Amazon S3 Access Points, refer to the following URL-
https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.htmlAccess Points is a feature in Amazon S3 that simplifies managing data access at scale for shared datasets. It allows you to create a custom hostname that maps to a specific bucket and optionally, a prefix in the bucket, and can have its own access policy. With Access Points, you can enforce fine-grained access controls on shared data at scale, without needing to create multiple IAM roles or bucket policies.
In the given scenario, an HR firm wants to use Access Points to manage access to many objects stored in Amazon S3 buckets. The Access Point ARN given is:
rubyarn:aws:s3:us-east-2:123456789012:accesspoint/test/object/unit-05/hr/*
This Access Point ARN represents all objects under the prefix object/unit-05/hr
for access point name test
belonging to account 123456789012
in the us-east-2
region.
Let's break down the Access Point ARN:
arn:aws:s3
is the service namespace for Amazon S3us-east-2
is the region where the bucket and Access Point are located123456789012
is the AWS account ID that owns the bucket and Access Pointaccesspoint/test
is the name of the Access Pointobject/unit-05/hr/*
is the prefix of the objects that can be accessed via this Access PointOption A is the correct answer as it correctly interprets the Access Point ARN. Options B, C, and D are incorrect because they don't include the Access Point name in the prefix or don't specify the correct prefix.
Option B is incorrect because it refers to the bucket name instead of the Access Point name. Option C is incorrect because it only specifies the prefix without including the Access Point name. Option D is incorrect because it only specifies the prefix without including the Access Point name, and it doesn't include the object/
prefix.