You have an application running on an EC2 instance which will allow users to download files from a private S3
bucket using a pre-signed URL. Before generating the URL, the application should verify the existence of the
file in S3. How should the application use AWS credentials to access the S3 bucket securely?
A.
Use the AWS account access keys; the application retrieves the credentials from the source code of the
application.
B.
Create an IAM role for EC2 that allows list access to objects In the S3 bucket; launch the Instance with the
role, and retrieve the role’s credentials from the EC2 instance metadata.
C.
Create an IAM user for the application with permissions that allow list access to the S3 bucket; the
application retrieves the 1AM user credentials from a temporary directory with permissions that allow read
access only to the Application user.
D.
Create an IAM user for the application with permissions that allow list access to the S3 bucket; launch the
instance as the IAM user, and retrieve the IAM user’s credentials from the EC2 instance user data.
A: B
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
http://docs.aws.amazon.com/AmazonS3/latest/dev/ShareObjectPreSignedURL.html
Option B
B. These questions are too easy for Arch Pro exam. Is there any way to find out if they are legit?
does anyone know where I can study the AWS-Advanced-Networking-Specialty?
Hi Eric,
You can find AWS_Advanced_Networking_Specialty on http://acloud,guru
Correct Answer: B
I have got more marks than my expectations with the help of AWS Certified Solutions Architect Professional Braindumps. I am happy for my right choice at the right time. I thought AWS-SAP very difficult and as a matter of fact it is but AWS-SAP Study Material has made it easier. I went through this handy material and got my all the concepts clear.
WEB: https://www.amazondumps.us/aws-certified-solutions-architect-professional.html
You Tube: https://www.youtube.com/watch?v=BDqGWRdRX48