ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 17 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 17
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company is implementing a new business application. The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage. A solutions architect needs to ensure that the EC2 instances can access the S3 bucket.
What should the solutions architect do to meet this requirement?

  • A. Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 instances.
  • B. Create an IAM policy that grants access to the S3 bucket. Attach the policy to the EC2 instances.
  • C. Create an IAM group that grants access to the S3 bucket. Attach the group to the EC2 instances.
  • D. Create an IAM user that grants access to the S3 bucket. Attach the user account to the EC2 instances.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ogerber at Oct. 10, 2022, 4:29 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sba21
Highly Voted 2 years, 9 months ago
Selected Answer: A
Always remember that you should associate IAM roles to EC2 instances
upvoted 103 times
...
Buruguduystunstugudunstuy
Highly Voted 2 years, 6 months ago
Selected Answer: A
The correct option to meet this requirement is A: Create an IAM role that grants access to the S3 bucket and attach the role to the EC2 instances. An IAM role is an AWS resource that allows you to delegate access to AWS resources and services. You can create an IAM role that grants access to the S3 bucket and then attach the role to the EC2 instances. This will allow the EC2 instances to access the S3 bucket and the documents stored within it. Option B is incorrect because an IAM policy is used to define permissions for an IAM user or group, not for an EC2 instance. Option C is incorrect because an IAM group is used to group together IAM users and policies, not to grant access to resources. Option D is incorrect because an IAM user is used to represent a person or service that interacts with AWS resources, not to grant access to resources.
upvoted 75 times
...
Clouddon
Most Recent 6 days, 16 hours ago
Selected Answer: A
Use an IAM role attached to the EC2 instances to securely and efficiently grant access to the Amazon S3 bucket.
upvoted 1 times
...
jr1521675287
1 week ago
Selected Answer: A
only A
upvoted 1 times
...
satyaammm
6 months, 1 week ago
Selected Answer: A
Only IAM role is suitable here as policies are added to IAM groups or users. Moreover, IAM groups cannot be attached to a resource and attaching IAM user credentials to a IAM role in risky and thereby not suitable.
upvoted 3 times
...
Tjazz04
6 months, 4 weeks ago
Selected Answer: A
Ans. A Here's why: IAM Role: Roles are designed to be assumed by entities like EC2 instances. By creating an IAM role with the necessary permissions to access the S3 bucket and attaching this role to the EC2 instances, you ensure that the instances can securely access the S3 bucket without needing to manage long-term credentials. IAM Policy: While policies define permissions, they need to be attached to roles or users. Attaching a policy directly to EC2 instances is not possible. IAM Group: Groups are used to manage permissions for multiple users, not instances. IAM User: Users are intended for individual people or applications, not for EC2 instances. By using an IAM role, you follow AWS best practices for security and manageability. If you have any more questions or need further clarification, feel free to ask!
upvoted 2 times
...
EzKkk
7 months, 3 weeks ago
Selected Answer: A
IAM Role + EC2 instance = go-to solution
upvoted 1 times
...
PaulGa
11 months ago
Selected Answer: A
Ans A - as per "Buruguduystunstugudunstuy" response.
upvoted 1 times
...
A_jaa
1 year, 5 months ago
Selected Answer: A
Answer-A
upvoted 2 times
...
thewalker
1 year, 6 months ago
Selected Answer: A
Below is the response from Amazon Q: To access S3 from an EC2 instance, you need to create an IAM role and associate that role with the EC2 instance. Here are the basic steps: 1. Create an IAM role and attach the AmazonS3ReadOnlyAccess or AmazonS3FullAccess managed policy to grant S3 access. 2. Launch the EC2 instance and select the IAM role you created during launch. 3. The instance will now have the permissions defined in the IAM role and you can access S3 from the instance.
upvoted 2 times
thewalker
1 year, 6 months ago
Some key points: 1. Attaching an IAM role is preferred over creating a resource-based policy for S3 access from EC2 as it provides centralized access management. 2. The instance will need internet access to communicate with S3. Make sure the associated security group and NACL rules allow outbound internet access. 3. Check AWS documentation for latest steps to create and associate an IAM role with an EC2 instance. The console and CLI provide options to automate this process.
upvoted 1 times
...
...
jjcode
1 year, 7 months ago
Strangely straight forward, Almost had me confused.
upvoted 1 times
...
GabrielSGoncalves
1 year, 8 months ago
Selected Answer: A
For sure
upvoted 1 times
...
Ruffyit
1 year, 8 months ago
The correct option to meet this requirement is A: Create an IAM role that grants access to the S3 bucket and attach the role to the EC2 instances. An IAM role is an AWS resource that allows you to delegate access to AWS resources and services. You can create an IAM role that grants access to the S3 bucket and then attach the role to the EC2 instances. This will allow the EC2 instances to access the S3 bucket and the documents stored within it. Option B is incorrect because an IAM policy is used to define permissions for an IAM user or group, not for an EC2 instance. Option C is incorrect because an IAM group is used to group together IAM users and policies, not to grant access to resources. Option D is incorrect because an IAM user is used to represent a person or service that interacts with AWS resources, not to grant access to resources.
upvoted 1 times
...
danielpark99
1 year, 9 months ago
Selected Answer: A
EC2 instances should be associated with IAM roles. Policies can be applying to users and groups can help to apply multiple roles.
upvoted 1 times
...
Abdou1604
1 year, 11 months ago
Option B may work but , suggests creating an IAM policy directly and attaching it to the EC2 instances. While this might work, it's not the recommended approach. Using an IAM role is more secure and manageable.
upvoted 1 times
...
Guru4Cloud
1 year, 11 months ago
Selected Answer: A
Always remember that you should associate IAM roles to EC2 instances. An IAM role is an AWS resource that allows you to delegate access to AWS resources and services. You can create an IAM role that grants access to the S3 bucket and then attach the role to the EC2 instances. This will allow the EC2 instances to access the S3 bucket and the documents stored within it.
upvoted 1 times
...
Rexino
1 year, 11 months ago
Selected Answer: A
IAM roles should be associated to EC2 instance
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel