A Software Engineer is trying to figure out why network connectivity to an Amazon EC2 instance does not appear to be working correctly. Its security group allows inbound HTTP traffic from 0.0.0.0/0, and the outbound rules have not been modified from the default. A custom network ACL associated with its subnet allows inbound HTTP traffic from 0.0.0.0/0 and has no outbound rules.
What would resolve the connectivity issue?
Which of the following minimizes the potential attack surface for applications?
The Security Engineer created a new IAM Key Management Service (IAM KMS) key with the following key policy:
What are the effects of the key policy? (Choose two.)
An IAM account includes two S3 buckets: bucket1 and bucket2. The bucket2 does not have a policy defined, but bucket1 has the following bucket policy:
In addition, the same account has an IAM User named “alice”, with the following IAM policy.
Which buckets can user “alice” access?