🔥 3-day streak
AWS Certified Security - Specialty72 / 184
Question 72 of 184
A security engineer is troubleshooting access for an application running on an EC2 instance in Account A. The instance uses an IAM role that has NO identity-based policy statements granting S3 access. The application must read objects from an S3 bucket that also resides in Account A. The bucket has a bucket policy that explicitly allows the s3:GetObject action for the instance role's ARN as the principal. When the application calls GetObject, what is the result and why?
Reviewed for accuracy · Report an issueNext question