Correct answer - "Enable CORS" : Cross-origin resource sharing (CORS) defines a way for client
web applications that are loaded in one domain to interact with resources in a different domain.
With CORS support, you can build rich client-side web applications with Amazon S3 and
selectively allow cross-origin access to your Amazon S3 resources.
"Change the bucket policy" - A bucket policy is a resource-based AWS Identity and Access
Management (IAM) policy that grants permissions. With this policy you can do things such as
allow one IP address to access the video file in the S3 bucket. In this scenario we know its not
the case because it works using the direct URL but it doesn't work when you click on a link to
access the vide
"Amend the IAM policy" - You attach IAM policies to IAM users, groups, or roles, which are then
subject to the permissions you've defined. This scenario is dealing with public users to a
website and they do not have their own IAM user account
"Disable Server-Side Encryption" - Amazon S3 encrypts your data at the object level as it writes
it to disks in its data centers and decrypts it for you when you access it, if the video file is
encrypted at rest then there is nothing you need to do because AWS handles encrypt and decrypt.
Disabling encryption is not the issue because you can access the video directly using an URL but
not from the main website
For more information visit