AWS Certified Solutions Architect – Professional (SAP-C02) — Question 482

A solutions architect is importing a VM from an on-premises environment by using the Amazon EC2 VM Import feature of AWS Import/Export. The solutions architect has created an AMI and has provisioned an Amazon EC2 instance that is based on that AMI. The EC2 instance runs inside a public subnet in a VPC and has a public IP address assigned.

The EC2 instance does not appear as a managed instance in the AWS Systems Manager console.

Which combination of steps should the solutions architect take to troubleshoot this issue? (Choose two.)

Answer options

• A. Verify that Systems Manager Agent is installed on the instance and is running.
• B. Verify that the instance is assigned an appropriate IAM role for Systems Manager.
• C. Verify the existence of a VPC endpoint on the VPC.
• D. Verity that the AWS Application Discovery Agent is configured.
• E. Verify the correct configuration of service-linked roles for Systems Manager.

Correct answer: A, B

Explanation

For an Amazon EC2 instance to register as a managed instance in AWS Systems Manager, it must have the Systems Manager Agent (SSM Agent) installed and running, and it must be associated with an IAM role that grants the required SSM permissions (such as AmazonSSMManagedInstanceCore). Because the instance is in a public subnet with a public IP address, it can communicate directly with the Systems Manager service over the internet, making a VPC endpoint unnecessary. The AWS Application Discovery Agent and service-linked roles are not required to resolve this registration issue.