Multiple Choice
A company needs to restrict access to an Amazon S3 bucket to Amazon EC2 instances in a VPC only. All traffic must be over the AWS private network. What actions should the SysOps Administrator take to meet these requirements?
A) Create a VPC endpoint for the S3 bucket, and create an IAM policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.
B) Create a VPC endpoint for the S3 bucket, and create a S3 bucket policy that conditionally limits all S3 actions on the bucket to the VPC endpoint as the source.
C) Create a service-linked role for Amazon EC2 that allows the EC2 instances to interact directly with Amazon S3, and attach an IAM policy to the role that allows the EC2 instances full access to the S3 bucket.
D) Create a NAT gateway in the VPC, and modify the VPC route table to route all traffic destined for Amazon S3 through the NAT gateway.
Correct Answer:
Verified
Correct Answer:
Verified
Q715: A user has launched an EBS backed
Q716: An application accesses data through a file
Q717: A SysOps Administrator is notified that a
Q718: In Amazon EC2, can you create an
Q719: A user has created a VPC with
Q721: Recently several critical files were mistakenly deleted
Q722: An organization has decided to consolidate storage
Q723: What does Amazon Route53 provide?<br>A) A global
Q724: Which of the following statements is true
Q725: A company developed and now runs a