AWS Certified Security – Specialty — Question 133
A Security Engineer has launched multiple Amazon EC2 instances from a private AMI using an AWS CloudFormation template. The Engineer notices instances terminating right after they are launched.
What could be causing these terminations?
Answer options
- A. The IAM user launching those instances is missing ec2:RunInstances permissions
- B. The AMI used was encrypted and the IAM user does not have the required AWS KMS permissions
- C. The instance profile used with the EC2 instances is unable to query instance metadata
- D. AWS currently does not have sufficient capacity in the Region
Correct answer: B
Explanation
The correct answer is B: if the AMI is encrypted and the IAM user does not have the necessary AWS KMS permissions, the instances fail to launch properly and terminate right after launch. Option A is incorrect because lacking ec2:RunInstances permissions would prevent the instances from launching at all, not cause them to terminate. Option C is also wrong, as an instance profile's inability to query instance metadata does not directly cause immediate terminations. Option D is not relevant in this case, as AWS capacity issues would typically affect the instance launch itself rather than cause immediate terminations.