Prev Question
Next Question

You have a code repository that uses Amazon S3 as a data store. During a recent audit of your security controls, some
concerns were raised about maintaining the integrity of the data in the Amazon S3 bucket. Another concern was raised
around securely deploying code from Amazon S3 to applications running on Amazon EC2 in a virtual private cloud. What
are some measures that you can implement to mitigate these concerns? (Choose two.)

Add an Amazon S3 bucket policy with a condition statement to allow access only from Amazon EC2 instances with RFC 1918 IP
addresses and enable bucket versioning.

Add an Amazon S3 bucket policy with a condition statement that requires multi-factor authentication in order to delete objects and
enable bucket versioning.

Use a configuration management service to deploy AWS Identity and Access Management user credentials to the Amazon EC2
Use these credentials to securely access the Amazon S3 bucket when deploying code.

Create an Amazon Identity and Access Management role with authorization to access the Amazon S3 bucket, and launch all of your
application’s Amazon EC2 instances with this role.

Use AWS Data Pipeline to lifecycle the data in your Amazon S3 bucket to Amazon Glacier on a weekly basis.

Use AWS Data Pipeline with multi-factor authentication to securely deploy code from the Amazon S3 bucket to your Amazon EC2

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *