Multiple Choice
An application running on Amazon EC2 instances must access objects within an Amazon S3 bucket that are encrypted using server-side encryption using AWS KMS encryption keys (SSE-KMS) . The application must have access to the customer master key (CMK) to decrypt the objects. Which combination of steps will grant the application access? (Choose two.)
A) Write an S3 bucket policy that grants the bucket access to the key.
B) Grant access to the key in the IAM EC2 role attached to the application's EC2 instances.
C) Write a key policy that enables IAM policies to grant access to the key.
D) Grant access to the key in the S3 bucket's ACL
E) Create a Systems Manager parameter that exposes the KMS key to the EC2 instances.
Correct Answer:
Verified
Correct Answer:
Verified
Q238: A developer is creating a serverless web
Q239: A Developer wants to find a list
Q240: A company is adding stored value (or
Q241: A Developer has created a software package
Q242: A supplier is writing a new RESTful
Q244: A Developer is writing an application in
Q245: An application is being developed to audit
Q246: A development team is building a new
Q247: A company is using Amazon RDS MySQL
Q248: A developer is using AWS CodeDeploy to