You have an application running on an EC2 instance which will allow users to download files from a private S3 bucket using a pre-signed URL. Before generating the URL, the application should verify the existence of the file in S3. How should the application use AWS credentials to access the S3 bucket securely?
A) Use the AWS account access keys; the application retrieves the credentials from the source code of the application.
B) Create an IAM role for EC2 that allows list access to objects In the S3 bucket; launch the Instance with the role, and retrieve the role's credentials from the EC2 instance metadata.
C) Create an IAM user for the application with permissions that allow list access to the S3 bucket; the application retrieves the 1AM user credentials from a temporary directory with permissions that allow read access only to the Application user.
D) Create an IAM user for the application with permissions that allow list access to the S3 bucket; launch the instance as the IAM user, and retrieve the IAM user's credentials from the EC2 instance user data.
Correct Answer:
Verified
Q281: Your company plans to host a large
Q282: A web company is looking to implement
Q283: You are implementing a URL whitelisting system
Q284: You are designing a social media site
Q285: A corporate web application is deployed within
Q287: An administrator is using Amazon CloudFormation to
Q288: An enterprise wants to use a third-party
Q289: Your company currently has a 2-tier web
Q290: Your company is getting ready to do
Q291: You are responsible for a web application
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents