Which of the following items are required to allow an application deployed on an EC2 instance to write data to a
DynamoDB table? Assume that no security keys are allowed to be stored on the EC2 instance. Choose 2
answers.
A.
Create an IAM Role that allows write access to the DynamoDB table.
B.
Add an IAM Role to a running EC2 instance.
C.
Create an IAM User that allows write access to the DynamoDB table.
D.
Add an IAM User to a running EC2 instance.E. Launch an EC2 Instance with the IAM Role included in the launch configuration.
Explanation:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TicTacToe.Phase3.html
A, B
I thought it was A & E until I researched it further at
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#attach-iam-role
Appears A & B are the correct answer because can now add IAM roles to running instances and the question says ” . . . allow an application deployed on an EC2 instance to write data to a
DynamoDB table”
Deployed to an EC2 instance means, to me, that the instance is already running. So E wouldn’t help you here. If instance wasn’t running or question said “. . . will be deployed” then E would be the right answer
A&E