I got the following question in the quiz
A system administrator needs to grant read and write permissions to a single user on specific S3 objects. Which access control method allows this level of fine-grained permissions?
It says the correct answer is: S3 Access Control Lists (ACLs)
But isn’t S3 ACLs are not recommended? and outdated?
Bucket policy is incorrect because the clue is in the name - it applies at bucket not object level.
Presigned URLs is incorrect because they are not used for granting access to IAM Users, they are for sharing individual objects with anyone who is given the URL whether or not they have an AWS account.
IAM Policies is incorrect because in itself it is not necessarily related to S3, although they could be used as part of an S3 resource policy - which is not mentioned in the question.
This leaves only ACLs - which can be targeted at object level and for individual users.
