DVA-C02 Exam QuestionsBrowse all questions from this exam
Go to Exam

DVA-C02 Exam - Question 218

A company requires that all applications running on Amazon EC2 use IAM roles to gain access to AWS services. A developer is modifying an application that currently relies on IAM user access keys stored in environment variables to access Amazon DynamoDB tables using boto, the AWS SDK for Python.

The developer associated a role with the same permissions as the IAM user to the EC2 instance, then deleted the IAM user. When the application was restarted, the AWS AccessDeniedException messages started appearing in the application logs. The developer was able to use their personal account on the server to run DynamoDB API commands using the AWS CLI.

What is the MOST likely cause of the exception?

Show Answer
Correct Answer: B

The most likely cause of the AWS AccessDeniedException messages is that the application is still attempting to use the disabled IAM user access keys stored in the environment variables. When an application relies on environment variables for credentials and those credentials are no longer valid, it will fail to authenticate correctly. The application needs to be modified to leverage IAM roles attached to the EC2 instance, which are retrieved via the instance metadata service rather than environment variables.

Discussion

4 comments
Sign in to comment
didorinsOption: B
Oct 28, 2023

B is the only viable answer.

Claire_KMT
Oct 28, 2023

B. Disabled environment variable credentials are still being used by the application.

65703c1Option: B
May 23, 2024

B is the correct answer.

kyowo
Jul 3, 2024

B is corect