Multiple Choice
Two containerized microservices are hosted on Amazon EC2 ECS. The first microservice reads an Amazon RDS Aurora database instance, and the second microservice reads an Amazon DynamoDB table. How can each microservice be granted the minimum privileges?
A) Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
B) Set ECS_ENABLE_TASK_IAM_ROLE to false on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
C) Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Run the first microservice with an IAM role for ECS tasks with read-only access for the Aurora database. Run the second microservice with an IAM role for ECS tasks with read-only access to DynamoDB.
D) Set ECS_ENABLE_TASK_IAM_ROLE to true on EC2 instance boot in the ECS agent configuration file. Grant the instance profile role read-only access to the Aurora database and DynamoDB.
Correct Answer:
Verified
Correct Answer:
Verified
Q326: A current architecture uses many Lambda functions
Q327: A Developer writes an AWS Lambda function
Q328: A developer is creating an event handling
Q329: A company wants to containerize an existing
Q330: A developer is creating an application to
Q332: A developer is building a WebSocket API
Q333: A Developer is creating a template that
Q334: An application contains two components: one component
Q335: Which of the following statements about SWF
Q336: A developer is automating a new application