Become Amazon Certified with updated SCS-C02 exam questions and correct answers
A developer operations team uses AWS Identity and Access Management (1AM) to manage user permissions The team created an Amazon EC2 instance profile role that uses an AWS managed Readonly Access policy. When an application that is running on Amazon EC2 tries to read a file from an encrypted Amazon S3 bucket, the application receives an AccessDenied error. The team administrator has verified that the S3 bucket policy allows everyone in the account to access the S3 bucket. There is no object ACL that is attached to the file. What should the administrator do to fix the 1AM access issue?
A security engineer needs to create an IAM Key Management Service used to encrypt all data stored in a company’s Amazon S3 Buckets in the us-west-1 Region. The keywill use server-side encryption. Usage of the key must be limited to requests coming from AmazonS3 within the company's account.Which statement in the KMS key policy will meet these requirements?
A financial firm receives a warning from the AWS Trust and Safety team about a potential security threat. An IAM access key linked to an IT administrator seems to have been compromised. This key is employed in an automated process that uses AWS Lambda functions to launch AWS Elastic Beanstalk environments.The firm's security engineer is tasked with addressing this security issue, preventing further use of the exposed access key, and bolstering security practices.Which of the following steps would be the most appropriate in this scenario?
An organization wants to log all IAM API calls made within all of its IAM accounts, and must have a central
place to analyze these logs. What steps should be taken to meet these requirements in the MOST secure
manner? (Select TWO)
© Copyrights DumpsCertify 2025. All Rights Reserved
We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.