Q86 — AWS DVA-C02 Ch.1

Question 86 of 100 | ← Chapter 1

A company is moving sensitive files into a private Amazon S3 bucket with no public access permissions. The company wants to develop a serverless application that allows employees to log in and securely share files with other users. Which AWS feature should the company use to securely share and access files?

Correct Answer: B. S3 presigned URLs

Explanation

S3 presigned URLs (Option B) provide time-limited, secure access to specific objects in private S3 buckets without exposing the bucket publicly. They are ideal for controlled, temporary file sharing. Option A (User Pools) handles authentication but not direct file access delegation. Option C (bucket policies) defines broad bucket-level permissions but cannot grant per-object, time-bound access. Option D (Identity Pools) provides federated identity access to AWS services but is overkill for simple file sharing and lacks granular object-level control. Thus, B is the most appropriate and secure solution.