What should the solutions architect do to meet this requirement?

By:
In: SAA-C03
Tagged:
With: 1 Comment
A company is implementing a new business application.The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage.A solutions architect needs to ensure that the EC2 instances can access the S3 bucket.

What should the solutions architect do to meet this requirement?

Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 instances.

Create an IAM policy that grants access to the S3 bucket. Attach the policy to the EC2 instances.

Create an IAM group that grants access to the S3 bucket. Attach the group to the EC2 instances.

Create an IAM user that grants access to the S3 bucket. Attach the user account to the EC2 instances.

Explanations:

Creating an IAM role with permissions to access the S3 bucket and attaching it to the EC2 instances is the recommended approach for securely granting instances access to AWS services like S3.

IAM policies alone cannot be directly attached to EC2 instances. They must be attached to an IAM role assigned to the EC2 instances.

IAM groups are used to assign permissions to multiple IAM users, not to EC2 instances. They cannot be directly attached to instances.

IAM users are intended for individual users and cannot be directly attached to EC2 instances to grant them permissions. The correct method is using an IAM role.

2025-10-10

1 Comment

  1. Roger
    Author

    I organize that the answer is:
    Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 instances.

Leave a Reply

Your email address will not be published. Required fields are marked *

2 × three =