SCS-C02 · Question #171
SCS-C02 Question #171: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #171. The question stem and answer options stay visible for context.
Question
A developer operations team uses AWS Identity and Access Management (IAM) to manage user permissions. The team created an Amazon EC2 instance profile role that uses an AWS managed ReadOnlyAccess policy. When an application that is running on Amazon EC2 tries to read a file from an encrypted Amazon S3 bucket, the application receives an AccessDenied error. The team administrator has verified that the S3 bucket policy allows everyone in the account to access the S3 bucket. There is no object ACL that is attached to the file. What should the administrator do to fix the IAM access issue?
Options
- AEdit the ReadOnlyAccess policy to add kms:Decrypt actions
- BAdd the EC2 IAM role as the authorized Principal to the S3 bucket policy
- CAttach an inline policy with kms:Decrypt permissions to the IAM role
- DAttach an inline policy with S3:* permissions to the IAM role
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.