Recommended
You upload a file named report.pdf to an Amazon S3 bucket. The bucket already contains an object with the key report.pdf. What will happen to the existing object?
Think about how S3 handles object keys as unique identifiers.
In Amazon S3, object keys are unique within a bucket. Uploading an object with an existing key replaces the old object with the new one.
You want to allow anyone on the internet to read objects from your S3 bucket named public-assets without requiring authentication. Which bucket policy snippet correctly grants this permission?
Focus on the action that allows reading objects and the resource path.
The s3:GetObject action allows reading objects. The resource must specify the bucket and all objects inside it using /*. The principal * means anyone.
Your S3 bucket has versioning enabled. You delete an object named data.csv without specifying a version ID. What happens to the object?
Consider how versioning handles deletions without version IDs.
When versioning is enabled, deleting an object without a version ID adds a delete marker as the latest version. This hides the object but keeps all previous versions intact.
You want to ensure that no objects in your S3 bucket can be accessed publicly, even if a bucket policy or ACL grants public permissions. Which setting achieves this?
Think about the global setting that overrides other permissions.
Enabling 'Block all public access' prevents any public access regardless of bucket policies or ACLs. This is the strongest way to block public access.
You have a bucket storing millions of objects. You want to optimize for fast retrieval and cost efficiency. Which approach is best?
Think about how S3 handles object keys and lifecycle rules.
Using prefixes helps S3 distribute load and improves performance. Lifecycle policies can be applied to prefixes to manage costs by archiving or deleting old objects.