A company wants to allow external users to upload large video files directly to an Amazon S3 bucket without requiring AWS credentials. The upload URL should expire after 1 hour. Which TWO actions should the solutions architect take? (Select TWO.)

Answer options:

Generate an S3 presigned URL for the PUT operation with a 1-hour expiration.

Create an IAM user for each external user.

Configure Cross-Origin Resource Sharing (CORS) on the S3 bucket.

Make the S3 bucket public.

Use AWS Transfer Family to create an SFTP endpoint.

How to approach this question

Identify the need for temporary, credential-less access (Presigned URL) and browser-based uploads (CORS).

Full Answer

Generate a presigned URL and configure CORS on the S3 bucket.

S3 presigned URLs allow you to grant temporary, time-limited access to upload objects without providing AWS credentials. If the upload happens via a web browser, CORS must be configured on the bucket to allow the cross-origin request.

Common mistakes

Forgetting that CORS is required for direct-to-S3 browser uploads.

Question 18 All questions Question 20

Practice the full AWS SAA-C03 Practice Exam 3

65 questions · hints · full answers · grading

More questions from this exam

Q01A company stores sensitive documents in an Amazon S3 bucket. The security team requires that only...Easy Q02A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...Medium Q03A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (AL...Easy Q04A company wants to continuously monitor its AWS accounts for malicious activity and unauthorized ...Medium Q05A company needs to encrypt data at rest in Amazon RDS and manage database credentials securely. T...Medium

View all 65 questions →