DVA-C02 · Question #772
A developer is deploying an application on Amazon EC2 instances that run in Account A. In certain cases, this application needs to read data from a private Amazon S3 bucket in Account B. The developer
Sign in or unlock DVA-C02 to reveal the answer and full explanation for question #772. The question stem and answer options stay visible for context.
Question
A developer is deploying an application on Amazon EC2 instances that run in Account A. In certain cases, this application needs to read data from a private Amazon S3 bucket in Account B. The developer must provide the application access to the S3 bucket without exposing the S3 bucket to anyone else. Which combination of actions should the developer take to meet these requirements? (Choose two.)
Options
- ACreate an IAM role with S3 read permissions in Account B.
- BUpdate the instance profile IAM role in Account A with S3 read permissions.
- CMake the S3 bucket public with limited access for Account A.
- DConfigure the bucket policy in Account B to grant permissions to the instance profile role.
- EAdd a trust policy that allows s3:Get* permissions to the IAM role in Account B.
Unlock DVA-C02 to see the answer
You've previewed enough free DVA-C02 questions. Unlock DVA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.