- Your partner have S3 bucket “forhealthydata” in a separate region than your website. And they have not enabled the CRR, cross region replication for that bucket.
- Your partner has kept all the Java Scripts in encrypted format in the bucket. You need to use KMS solution to decrypt the Java script before using them with Client side decryption.
- You have not defined NACL rule for accessing resources outside of your domain.
- You cannot directly access the data from the S3 buckets or another user, while loading the website in browser. You have to first copy these Java Scripts file in your account bucket and then only you can use them.
- You will ask third party solution provider to configure the CORS (Cross origin Request) for your domain healthydata.com
Correct Answer : E
Detailed Explanation: To reach the right solution we need to first understand what is the question want, requirement is very simple a third party vendor had kept the Java Scripts file in one S3 bucket and you want to access them while loading your website, but you are not able to use it. You need to find first where could be the issue. In such cases first you have to look whether proper permissions are in place or not.
If you look the given option, it is very difficult to choose correct one. Let’s reduce the option one by one and then reach to the correct one.
- S3 buckets are global resources and can be access from anywhere. If the permissions are in place. So option 1 can not be an answer.
- There is no need to keep the Java Scripts file in encrypted, because once loaded in the browser anybody can view and use it. Again this can not be a correct answer.
- NACL is more of a firewall to allow or deny the permissions based on IP addresses and ports. On the EC2 instances in a VPC subnet. Not relevant given requirement. Hence, can not be a correct answer.
- If permissions are in place you can access S3 bucket resources from anywhere. So option 4 can not be a correct answer.
- Remaining option 5 says that CORS to be configured correctly. What is CORS?
- It defines a way for client web applications that are loaded in one domain to interact with the resources in a different domain.
- With CORS support, you can build rich client-side application with AWS S3 and selectively allow cross-origin access to your AWS S3 resources.
- User Case: Suppose http://AcmeTest.com is hosted on S3 as a static website from a bucket named AcmeTest, which has an endpoint like http://acmetest.s3-website-us-east-1.amazonaws.com . Now you have Java scripts which are in another bucket called “testscript” and want to use on AcmeTest.com. Using S3 endpoint http://acmetest.s3-website-us-east-1.amazonaws.com if you try to access those java script browser will block such Get and Put request. However, by enabling CORS you can configure your “javascript” bucket to enables explicitly cross origin request from endpoints3-website-us-east-1.amazonaws.com
- So option 5 is correct in given requirement.