ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 95 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 95
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

You have an application running on an EC2 Instance which will allow users to download flies from a private S3 bucket using a pre-signed URL. Before generating the URL the application should verify the existence of the file in S3.
How should the application use AWS credentials to access the S3 bucket securely?

  • A. Use the AWS account access Keys the application retrieves the credentials from the source code of the application.
  • B. Create an IAM user for the application with permissions that allow list access to the S3 bucket launch the instance as the IAM user and retrieve the IAM user's credentials from the EC2 instance user data.
  • C. Create an IAM role for EC2 that allows list access to objects in the S3 bucket. Launch the instance with the role, and retrieve the role's credentials from the EC2 Instance metadata
  • D. Create an IAM user for the application with permissions that allow list access to the S3 bucket. The application retrieves the IAM user credentials from a temporary directory with permissions that allow read access only to the application user.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by qianhaopower at May 13, 2020, 1:18 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
amministrazione
8 months, 3 weeks ago
C. Create an IAM role for EC2 that allows list access to objects in the S3 bucket. Launch the instance with the role, and retrieve the role's credentials from the EC2 Instance metadata
upvoted 1 times
...
TravelKo
1 year, 9 months ago
Selected Answer: C
C is clear choice
upvoted 1 times
...
kaushik9845
2 years, 7 months ago
What does retrieving credentials in instance data mean..is it really needed?
upvoted 1 times
NathanvB99
2 years, 6 months ago
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
upvoted 1 times
...
...
01037
3 years, 6 months ago
CCCCCCC
upvoted 2 times
...
cldy
3 years, 6 months ago
C. repeated question 85.
upvoted 3 times
...
ricoyao
3 years, 6 months ago
same as question 85.
upvoted 3 times
...
oatif
3 years, 7 months ago
C looks correct to me since we should create roles for services to take on
upvoted 3 times
...
qianhaopower
3 years, 7 months ago
C is correct! Duplicate question.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago