What steps should the DevOps Engineer take to stop this?

DOP-C01 V1 0 Comments

A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts.

The buildspec.yml file contains the following:

The DevOps Engineer has noticed that anybody with an AWS account is able to download the artifacts.

What steps should the DevOps Engineer take to stop this?
A . Modify the post_build to command to use ""-acl public-read and configure a bucket policy that grants read access to the relevant AWS accounts only.
B. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access.
C. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal "*"
D. Modify the post_build command to remove ""-acl authenticated-read and configure a bucket policy that allows read access to the relevant AWS accounts only.

Answer: D

Latest DOP-C01 Dumps Valid Version with 188 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download DOP-C01 PDF     DOP-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments