AWS Certified DevOps Engineer – Professional — Question 59

An Amazon EC2 instance is running in a Virtual Private Cloud (VPC) and needs to download an object from a restricted Amazon S3 bucket. When the DevOps engineer tries to download, the object an AccessDenied error is received.
What are the possible causes for this error? (Choose two.)

Answer options

• A. The S3 bucket default encryption is enabled
• B. There is an error in the S3 bucket policy
• C. The object has been moved to Amazon Glacier
• D. There is an error in the IAM role configuration
• E. S3 versioning is enabled

Correct answer: B, D

Explanation

The correct answers, B and D, indicate that an improper S3 bucket policy or an incorrect IAM role configuration can prevent access to the S3 object, resulting in an AccessDenied error. Options A, C, and E do not directly relate to access permissions and therefore would not cause this specific error.