ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 85 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 85
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

You have an application running on an EC2 instance which will allow users to download files from a private S3 bucket using a pre-signed URL. Before generating the URL, the application should verify the existence of the file in S3.
How should the application use AWS credentials to access the S3 bucket securely?

  • A. Use the AWS account access keys; the application retrieves the credentials from the source code of the application.
  • B. Create an IAM role for EC2 that allows list access to objects in the S3 bucket; launch the Instance with the role, and retrieve the role's credentials from the EC2 instance metadata.
  • C. Create an IAM user for the application with permissions that allow list access to the S3 bucket; the application retrieves the IAM user credentials from a temporary directory with permissions that allow read access only to the Application user.
  • D. Create an IAM user for the application with permissions that allow list access to the S3 bucket; launch the instance as the IAM user, and retrieve the IAM user's credentials from the EC2 instance user data.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
by cldy at April 5, 2021, 2:30 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
nimbus_00
6 months, 3 weeks ago
IAM Role for EC2: By assigning an IAM role to the EC2 instance, you provide the necessary permissions for the application to access the S3 bucket without hardcoding credentials.
upvoted 1 times
...
amministrazione
8 months, 2 weeks ago
B. Create an IAM role for EC2 that allows list access to objects in the S3 bucket; launch the Instance with the role, and retrieve the role's credentials from the EC2 instance metadata.
upvoted 1 times
...
SkyZeroZx
1 year, 10 months ago
Selected Answer: B
B. the keyword here is IAM role and metadata.
upvoted 1 times
...
hilft
2 years, 9 months ago
B. the keyword here is IAM role and metadata. userdata is irrelevant
upvoted 2 times
...
kashi1983
3 years, 5 months ago
Answer is B
upvoted 1 times
...
01037
3 years, 7 months ago
B for sure
upvoted 1 times
...
cldy
3 years, 7 months ago
B. IAM role for EC2 to access objects In the S3 bucket.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago