Topic 1 Question 92
2 つ選択A company is storing sensitive user information in an Amazon S3 bucket. The company wants to provide secure access to this bucket from the application tier running on Amazon EC2 instances inside a VPC. Which combination of steps should a solutions architect take to accomplish this?
Configure a VPC gateway endpoint for Amazon S3 within the VPC.
Create a bucket policy to make the objects in the S3 bucket public.
Create a bucket policy that limits access to only the application tier running in the VPC.
Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance.
Create a NAT instance and have the EC2 instances use the NAT instance to access the S3 bucket.
ユーザの投票
コメント(17)
- 正解だと思う選択肢: AC👍 4ArielSchivo2022/10/19
- 正解だと思う選択肢: CD
CORRECT The solutions architect should take the following steps to accomplish secure access to the S3 bucket from the application tier running on Amazon EC2 instances inside a VPC:
C. Create a bucket policy that limits access to only the application tier running in the VPC. D. Create an IAM user with an S3 access policy and copy the IAM credentials to the EC2 instance.
👍 3Buruguduystunstugudunstuy2022/12/21 - 正解だと思う選択肢: AC
A and C is right among the choice. But instead of having bucket policy for VPC access better option would be to create a role with specific S3 bucket access and attach that role EC2 instances that needs access to S3 buckets.
👍 3career360guru2022/12/26
シャッフルモード