A company requires that all applications running on Amazon EC2 use 1AM roles to gam...

Vendor: Amazon Web Services
Product: DVA-C02
Update on: Mar 14, 2026
Questions: 546

Amazon Web Services DVA-C02 Question Answer

A company requires that all applications running on Amazon EC2 use 1AM roles to gam access to AWS services. A developer is modifying an application that currently relies on 1AM user access keys stored in environment variables to access Amazon DynamoDB tables using boto, the AWS SDK for Python.

The developer associated a role with the same permissions as the 1AM user to the EC2 instance, then deleted the 1AM user. When the application was restarted, the AWS

Access Denied Exception messages started appearing in the application logs. The developer was able to use their personal account on the server to run DynamoDB API commands using the AWS CLI.

What is the MOST likely cause of the exception?

1AM policies might take a few minutes to propagate to resources.

Disabled environment variable credentials are still being used by the application.

The AWS SDK does not support credentials obtained using an instance role.

The instance's security group does not allow access to http://169.254.169.254.