🔥 3-day streak
AWS Certified Security - Specialty82 / 184
Question 82 of 184
A company has an Amazon S3 bucket in Account A (111111111111) that must be read by an application running on EC2 instances in Account B (222222222222). The EC2 instances use an instance profile role named AppRole. The security team requires that no additional IAM role be assumed and that access be granted with the least possible cross-account trust configuration. Which approach correctly grants the EC2 application read access to the bucket?
Reviewed for accuracy · Report an issueNext question