ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 236 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 236
Topic #: 1
[All AWS Certified Developer Associate Questions]

Two containerized microservices are hosted on Amazon EC2 ECS. The first microservice reads an Amazon RDS Aurora database instance, and the second microservice reads an Amazon DynamoDB table.

How can each microservice be granted the minimum privileges?

  • A. Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
  • B. Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
  • C. Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
  • D. Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by kapil206001 at Nov. 25, 2022, 9:22 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rcaliandro
1 year, 11 months ago
Selected Answer: C
C easy. We have to use ECS_ENABLE_TASK_IAM_ROLE to user roles in the containers. Then we have to grant access to Aurora to the first instance and DynamoDB to the second one.
upvoted 1 times
...
pancman
2 years, 3 months ago
This question was on the exam today (Feb 2023)
upvoted 1 times
pancman
2 years, 3 months ago
But C in the exam didn't say Aurora, it said DynamoDB
upvoted 1 times
...
Dun6
2 years, 3 months ago
Was this DVA-C02
upvoted 1 times
...
...
pancman
2 years, 4 months ago
Selected Answer: C
C is correct.
upvoted 1 times
...
michaldavid
2 years, 6 months ago
Selected Answer: C
Agree with C
upvoted 1 times
...
k1kavi1
2 years, 6 months ago
Selected Answer: C
https://www.examtopics.com/discussions/amazon/view/29085-exam-aws-certified-developer-associate-topic-1-question-291/
upvoted 1 times
k1kavi1
2 years, 6 months ago
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html
upvoted 3 times
...
...
kapil206001
2 years, 6 months ago
https://www.examtopics.com/discussions/amazon/view/29085-exam-aws-certified-developer-associate-topic-1-question-291/
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel