Your Chief Security Officer has mandated that all software license keys for your application must to be stored centrally, in an encrypted format in SSM Parameter Store. It is now time to upgrade the software and in order to get access to the free upgrade, your application needs to access the licence key string. You scheduled the upgrade for last weekend, however most of the upgrades failed. What do you suspect the problem could be?
SELECT TWO
A. The EC2 instance role does not have permission to read the parameter in SSM Parameter Store
B. SSM Parameter Store does not have permission to use KMS to decrypt the parameter
C. The EC2 instance role does not have permission to use KMS to encrypt parameter
D. The EC2 instance role does not have permission to use KMS to decrypt the parameter
Need help understanding what the answer could be. Here is a link to the AWS Doc for SSM Param Store. Try and suggest the answer before looking at the doc.
2 Answers
I would say it is A and D
A & B
A. The EC2 instance role does not have permission to read the parameter in SSM Parameter Store
D. The EC2 instance role does not have permission to use KMS to decrypt the parameter
I would say it is A and D