A security review has identified that an AWS CodeBuild project is downloading a database population script from an Amazon S3 bucket using an unauthenticated request. The Security team does not allow unauthenticated requests to S3 buckets for this project. How can this issue be corrected in the MOST secure manner?
A) Add the bucket name to the AllowedBuckets section of the CodeBuild project settings. Update the build spec to use the AWS CLI to download the database population script.
B) Modify the S3 bucket settings to enable HTTPS basic authentication and specify a token. Update the build spec to use cURL to pass the token and download the database population script.
C) Remove unauthenticated access from the S3 bucket with a bucket policy. Modify the service role for the CodeBuild project to include Amazon S3 access. Use the AWS CLI to download the database population script.
D) Remove unauthenticated access from the S3 bucket with a bucket policy. Use the AWS CLI to download the database population script using an IAM access key and a secret access key.
Correct Answer:
Verified
Q87: An n-tier application requires a table in
Q88: A DevOps Engineer is working on a
Q89: A DevOps Engineer has several legacy applications
Q90: A DevOps Engineer is implementing a mechanism
Q91: An application is running on Amazon EC2.
Q93: A web application has been deployed using
Q94: An Application team is refactoring one of
Q95: A company wants to implement a CI/CD
Q96: A company is using Docker containers for
Q97: A company is using AWS Organizations to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents