Answer-first summary for fast verification
Answer: Establish a trust policy for the EC2 service principal and link it to the IAM role.
The correct answer is C. To resolve the 'Access Denied' error, the EC2 instance needs a trust policy that specifies the EC2 service principal and associates this policy with the IAM role. This trust policy allows the specified entity (in this case, the EC2 instance) to assume the role and perform the required actions on the DynamoDB table. Creating this trust policy ensures that the EC2 instance is properly authorized to access the DynamoDB resources.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
An application deployed on an Amazon EC2 instance in the us-west-2 Region is experiencing 'Access Denied' errors when attempting to read from a DynamoDB table named 'Cars'. The EC2 instance has an IAM role with an attached policy. What action should the developer take to resolve the permissions issue?
A
Update the IAM policy to include a resource ARN pattern of 'arn:aws:dynamodb:us-west-2:account-id:table/*'.
B
Expand the IAM policy to encompass all DynamoDB actions with 'dynamodb:*'.
C
Establish a trust policy for the EC2 service principal and link it to the IAM role.
D
Configure a trust relationship in the IAM role to trust 'dynamodb.amazonaws.com'.
No comments yet.