In the lecture, it’s stated that if you want to set permissions on the per-file level, you have to use ACLs. This does not appear to be correct. I was able to allow public access for a single object in one of my S3 buckets by specifying it in the Resource section of the policy, e.g.:
"Resource": "arn:aws:s3:::[my-s3-bucket]/test-prefix/hello.txt"I understand that ACLs are a necessary topic for the exam.That being said, I’m fairly certain that bucket and IAM policies are still best practice regardless of the scope, as they are extremely explicit. Is there something I’m missing?