A solutions architect is using an AWS CloudFormation template to deploy a three-tier web application.

Question

A solutions architect is using an AWS CloudFormation template to deploy a three-tier web application. The web application consists of a web tier and an application tier that stores and retrieves user data in Amazon DynamoDB tables. The web and application tiers are hosted on Amazon EC2 instances, and the database tier is not publicly accessible. The application EC2 instances need to access the DynamoDB tables without exposing API credentials in the template.
What should the solutions architect do to meet these requirements?

Accepted Answer

B. Create an IAM role that has the required permissions to read and write from the DynamoDB tables. Add the role to the EC2 instance profile, and associate the instance profile with the application instances.

Answer

A. Create an IAM role to read the DynamoDB tables. Associate the role with the application instances by referencing an instance profile.

Answer

C. Use the parameter section in the AWS CloudFormation template to have the user input access and secret keys from an already-created IAM user that has the required permissions to read and write from the DynamoDB tables.

Answer

D. Create an IAM user in the AWS CloudFormation template that has the required permissions to read and write from the DynamoDB tables. Use the GetAtt function to retrieve the access and secret keys, and pass them to the application instances through the user data.

Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Exam SAA-C03 All Questions

Amazon Web Services AWS Solutions Architect Associate SAA-C03 Question # 221 Topic 23 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts: