How should the application use AWS credentials to access the S3 bucket securely?

SAP-C01 0 Comments

You have an application running on an EC2 instance which will allow users to download files from a private S3 bucket using a pre-signed URL. Before generating the URL, the application should verify the existence of the file in S3.

How should the application use AWS credentials to access the S3 bucket securely?
A . Use the AWS account access keys; the application retrieves the credentials from the source code of the application.
B . Create an IAM role for EC2 that allows list access to objects In the S3 bucket; launch the Instance with the role, and retrieve the role’s credentials from the EC2 instance metadata.
C . Create an IAM user for the application with permissions that allow list access to the S3 bucket; the application retrieves the 1AM user credentials from a temporary directory with permissions that allow read access only to the Application user.
D . Create an IAM user for the application with permissions that allow list access to the S3 bucket; launch the instance as the IAM user, and retrieve the IAM user’s credentials from the EC2 instance user data.

Answer: B

Explanation:

Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

Latest SAP-C01 Dumps Valid Version with 684 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SAP-C01 PDF     SAP-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments