Which steps should the team take to troubleshoot this issue?
(Choose two.)
Check whether the policy that is assigned to the IAM role that is attached to the EC2 instances grants access to Amazon S3.
Check the S3 bucket policy to validate the access permissions for the S3 bucket.
Check whether the policy that is assigned to the IAM user that is attached to the EC2 instances grants access to Amazon S3.
Check the S3 Lifecycle policy to validate the permissions that are assigned to the S3 bucket.
Check the security groups that are assigned to the EC2 instances. Make sure that a rule is not blocking the access to Amazon S3.
Explanations:
The IAM role assigned to the EC2 instances must have the appropriate permissions to access Amazon S3. Without the correct policy, the instances will not be able to perform S3 actions.
The S3 bucket policy must allow access for the IAM role or user associated with the EC2 instances. If the bucket policy denies access or does not include the necessary permissions, the instances will be unable to access the bucket.
The IAM user policy is not relevant here because the application is running on EC2 instances, which use an IAM role for permissions, not a user. Therefore, this option does not address the issue.
The S3 Lifecycle policy manages the lifecycle of objects in the bucket (like transitioning storage classes or expiration) but does not control access permissions. Thus, it does not impact the EC2 instances’ ability to access S3.
Security groups control inbound and outbound traffic for EC2 instances, but S3 access is handled at the IAM level and through bucket policies, not through EC2 security groups. Hence, this option is not applicable for S3 access issues.