Amazon Web Services SCS-C02 Question Answer
A company has configured a gateway VPC endpoint in a VPC. Only Amazon EC2 instances that reside in a single subnet in the VPC can use the endpoint The company hasmodified the route table for this single subnet to route traffic to Amazon S3 through the gateway VPC endpoint. The VPC provides internet access through an internet gateway.
A security engineer attempts to use instance profile credentials from an EC2 instance to retrieve an object from the S3 bucket, but the attempt fails. The security engineer verifies that the EC2 instance has an 1AM instance profile with the correct permissions to access the S3 bucket and to retrieve objects. The security engineer also verifies that the S3 bucket policy is allowing access properly. Additionally, the security engineer verifies that the EC2 instance's security group and the subnet's network ACLs allow the communication.
What else should the security engineer check to determine why the request from the EC2 instance is failing?
Amazon Web Services SCS-C02 Summary
- Vendor: Amazon Web Services
- Product: SCS-C02
- Update on: Aug 2, 2025
- Questions: 417
