A DevOps team uses the above CloudFormation template to create an S3 bucket. What does the bucket policy accomplish?
The condition denies if SecureTransport is false.
Why this answer
Option B is correct. The policy denies all S3 actions on the bucket objects if the request is not sent over HTTPS (SecureTransport false). This enforces encryption in transit.
Option A is wrong because it denies all actions, not just read. Option C is wrong because it denies only when not using HTTPS. Option D is wrong because the policy denies all actions, not just delete.