🔥 3-day streak
AWS Certified Security - Specialty68 / 157
Question 68 of 157
A company runs a data-processing application on EC2 instances that must read objects from an S3 bucket. A security engineer creates an IAM role with an S3 read policy and attaches it to an instance profile, but the EC2 instances cannot assume the role and receive an error. The role's trust policy currently lists the AWS account root as the trusted principal. What change to the trust policy will allow the EC2 instances to assume the role?
Reviewed for accuracy · Report an issueNext question