Q11 — AWS DVA-C02 Ch.2
Question 11 of 100 | ← Chapter 2
A developer is running an application on an Amazon EC2 instance. When the application attempts to read from an Amazon S3 bucket, it fails. The developer notices that the associated IAM role lacks S3 read permissions. The developer needs to grant the application the ability to read from the S3 bucket. Which solution meets this requirement with minimal application interruption?
- A. Add the required permissions to the role. Terminate the existing EC2 instance and launch a new one.
- B. Add the permissions to the role so that the change takes effect immediately. ✓
- C. Add the permissions to the role. Stop and restart the existing EC2 instance.
- D. Add permissions to the S3 bucket. Restart the EC2 instance.
Correct Answer: B. Add the permissions to the role so that the change takes effect immediately.
Explanation
Option B—adding permissions to the role—is correct because it directly grants the application the required permissions without causing EC2 instance interruption. IAM policy changes take effect immediately, eliminating the need to restart or replace the EC2 instance. Therefore, option B satisfies the requirement with minimal application interruption. 【Lantern Certification provided by: swufelp1999】