What are the possible causes for this error?

By:
In: DOP-C01
Tagged:
With: 2 Comments
An Amazon EC2 instance is running in a Virtual Private Cloud (VPC) and needs to download an object from a restricted Amazon S3 bucket.When the DevOps engineer tries to download, the object an AccessDenied error is received.

What are the possible causes for this error?

(Choose two.)

The S3 bucket default encryption is enabled

There is an error in the S3 bucket policy

The object has been moved to Amazon Glacier

There is an error in the IAM role configuration

S3 versioning is enabled

Explanations:

The S3 bucket default encryption does not affect access permissions; it only impacts how objects are encrypted when stored in the bucket. An AccessDenied error relates to permissions, not encryption settings.

An error in the S3 bucket policy can lead to an AccessDenied error if the policy does not grant the necessary permissions for the EC2 instance or the IAM role associated with it to access the object.

If the object has been moved to Amazon Glacier, it would not result in an AccessDenied error but rather a different error indicating that the object is archived and needs to be restored first.

An error in the IAM role configuration can result in insufficient permissions for the EC2 instance to access the S3 bucket. If the IAM role attached to the EC2 instance does not have the necessary permissions, it would cause an AccessDenied error.

Enabling S3 versioning does not affect access permissions. Versioning allows multiple versions of an object but does not restrict or deny access to any particular version based on versioning settings alone.

2026-03-30

2 Comments

  1. Wayne
    Author

    I rate that the answer is:
    There is an error in the S3 bucket policy

  2. Christine
    Author

    I opine that the answer is:
    There is an error in the S3 bucket policy

Leave a Reply

Your email address will not be published. Required fields are marked *

fifteen − two =