{"id":85,"date":"2021-01-04T08:09:26","date_gmt":"2021-01-04T08:09:26","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question078\/"},"modified":"2021-01-04T08:09:26","modified_gmt":"2021-01-04T08:09:26","slug":"aws-certified-security-specialty-scs-c01-question078","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question078\/","title":{"rendered":"AWS Certified Security – Specialty SCS-C01 – Question078"},"content":{"rendered":"
A Systems Administrator has written the following Amazon S3 bucket policy designed to allow access to an S3 bucket for only an authorized AWS IAM user from the IP address range 10.10.10.0\/24:
\n
\nWhen trying to download an object from the S3 bucket from 10.10.10.40, the IAM user receives an access denied message. What does the Administrator need to change to grant access to the user?

A.<\/strong> Change the \u201cResource\u201d from \u201carn: aws:s3:::Bucket\u201d to \u201carn:aws:s3:::Bucket\/*\u201d.
B.<\/strong> Change the \u201cPrincipal\u201d from \u201c*\u201d to {AWS:\u201darn:aws:iam: : account-number: user\/username\u201d}
C.<\/strong> Change the \u201cVersion\u201d from \u201c2012-10-17\u201d to the last revised date of the policy
D.<\/strong> Change the \u201cAction\u201d from [\u201cs3:*\u201d] to [\u201cs3:GetObject\u201d, \u201cs3:ListBucket\u201d]<\/div>\n

<\/p>\n