Q53 — AWS SAP-C02 Ch.1

Question 53 of 75 | ← Chapter 1

Q128. A company has a legacy monolithic application that is critical to the company's business. The company hosts the application on an Amazon EC2 instance that runs Amazon Linux 2. The company's application team receives a directive from the legal department to back up the data from the instance's encrypted Amazon Elastic Block Store (Amazon EBS) volume to an Amazon S3 bucket. The application team does not have the administrative SSH key pair for the instance.The application must continue to serve the users.Which solution will meet these requirements?

Correct Answer: A. Attach a role to the instance with permission to write to Amazon S3. Use the AWS Systems Manager Session Manager option to gain access to the instance and run commands to copy data into Amazon S3

Explanation

if you say C then you still need permissions to copy the data from the snapshot to S3. - Before you export DB snapshot data to Amazon S3, give the snapshot export tasks write-access permission to the Amazon S3 bucket. To do this, create an IAM policy that provides access to the bucket. Then create an IAM role and attach the policy to the role. You later assign the IAM role to your snapshot export task. "By default, Amazon EC2 shuts down the instance, takes snapshots of any attached volumes, creates and registers the AMI, and then reboots the instance. Choose "No reboot" if you don't want your instance to be shut down." Option D not mention about "No reboot" option so EC2 instance will reboot by default, in this question "The application must continue to serve the users". So I think option A is best answer! https://docs.aws.amazon.com/toolkit-for-visual-studio/latest/user-guide/tkv-create-ami-from-instance.html