What would be the best way to do this?

Amazon S3 allows you to set per-file permissions to grant read and/or write access.

However you have decided that you want an entire bucket with 100 files already in it to be accessible to the public. You don’t want to go through 100 files individually and set permissions.

What would be the best way to do this?
A .  Move the bucket to a new region
B .  Add a bucket policy to the bucket.
C .  Move the files to a new bucket.
D .  Use Amazon EBS instead of S3

Answer: B

Explanation:

Amazon S3 supports several mechanisms that give you flexibility to control who can access your data as well as how, when, and where they can access it. Amazon S3 provides four different access control mechanisms: AWS Identity and Access Management (IAM) policies, Access Control Lists (ACLs), bucket policies, and query string authentication. IAM enables organizations to create and manage multiple users under a single AWS account. With IAM policies, you can grant IAM users fine-grained control to your Amazon S3 bucket or objects. You can use ACLs to selectively add (grant) certain permissions on individual objects.

Amazon S3 bucket policies can be used to add or deny permissions across some or all of the objects within a single bucket.

With Query string authentication, you have the ability to share Amazon S3 objects through URLs that are valid for a specified period of time.

Reference: http://aws.amazon.com/s3/details/#security

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments