A Security Engineer has launched multiple Amazon EC2 instances from a private AMI using an AWS CloudFormation template. The Engineer notices instances terminating right after they are launched. What could be causing these terminations?
A. The IAM user launching those instances is missing ec2:RunInstances permissions
B. The AMI used was encrypted and the IAM user does not have the required AWS KMS permissions
C. The instance profile used with the EC2 instances is unable to query instance metadata
D. AWS currently does not have sufficient capacity in the Region
I suppose B makes sense... but it could be A too right? This link talks about A being a potential reason https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html
but if it was A, they probably would've given different information in the question or something.
B is the correct answer.
User does not have permission over the KMS key (or in some cases the key is disabled or does not exist; both will lead to the same behaviour).
As per AWS: A snapshot specified in the block device mapping for the AMI is encrypted and you do not have permissions to access the KMS key for decryption or you do not have access to the KMS key to encrypt the restored volumes.
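The check described in the AWS text quoted above, as an added example that is not part of any comment here or of AWS documentation: it correlates terminated instances with the KMS keys behind their AMI's snapshots. All IDs, the key ARN and the JSON samples are constructed, and treating `Client.InternalError` as the state reason code for this failure is an assumption based on the linked troubleshooting page.

```python
# Constructed sample data shaped like the JSON returned by
# `aws ec2 describe-instances`, `describe-images` and `describe-snapshots`.
INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa111122223333a", "ImageId": "ami-0example000000001",
     "State": {"Name": "terminated"},
     "StateReason": {"Code": "Client.InternalError",
                     "Message": "Client.InternalError: Client error on launch"}},
    {"InstanceId": "i-0bbb111122223333b", "ImageId": "ami-0example000000002",
     "State": {"Name": "running"}},
]}]}
IMAGES = {"Images": [
    {"ImageId": "ami-0example000000001", "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda", "Ebs": {"SnapshotId": "snap-0example00000001"}}]},
    {"ImageId": "ami-0example000000002", "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda", "Ebs": {"SnapshotId": "snap-0example00000002"}}]},
]}
SNAPSHOTS = {"Snapshots": [
    {"SnapshotId": "snap-0example00000001", "Encrypted": True,
     "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    {"SnapshotId": "snap-0example00000002", "Encrypted": False},
]}

def ami_kms_keys(images, snapshots):
    """Map each AMI ID to the KMS keys protecting its backing snapshots."""
    key_of = {s["SnapshotId"]: s["KmsKeyId"] for s in snapshots["Snapshots"]
              if s.get("Encrypted") and s.get("KmsKeyId")}
    result = {}
    for image in images["Images"]:
        snaps = [m["Ebs"].get("SnapshotId")
                 for m in image.get("BlockDeviceMappings", []) if "Ebs" in m]
        result[image["ImageId"]] = sorted({key_of[s] for s in snaps if s in key_of})
    return result

def diagnose(instances, images, snapshots):
    """Return (instance_id, state_reason_code, kms_keys) for suspect launches."""
    keys = ami_kms_keys(images, snapshots)
    findings = []
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            if inst["State"]["Name"] != "terminated":
                continue
            code = inst.get("StateReason", {}).get("Code", "")
            # Assumed mapping: this code on an AMI with encrypted snapshots
            # points at missing KMS permissions or a disabled/missing key.
            if code == "Client.InternalError" and keys.get(inst["ImageId"]):
                findings.append((inst["InstanceId"], code, keys[inst["ImageId"]]))
    return findings

if __name__ == "__main__":
    print(diagnose(INSTANCES, IMAGES, SNAPSHOTS))
```

Fed real output from those three CLI calls, the returned key ARNs are the ones whose key policy and state need checking for the principal that launched the stack.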
It seems to be B according to this reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html#troubleshooting-launch-internal
Answer: B
Go to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html
Scroll all the way down to "Instance terminates immediately"
1) The instances started before ending up that way, so the option of not having ec2:runInstances does not stand; the same goes for option B, where the AMI needs to be unencrypted to run.
2) AWS not having a capability in the region is less, less likely. It would not even have started.
The option C is the answer.