The security team at a company has set up an IAM aws video

October 01, 2025  ·  PT1H46M27S  ·  EN

security video for the security team at a company has set up an IAM user with full permissions for the EC2 service, yet the user is unable to start an Amazon

Question 1 Be Honest

« Back   Next security Question »

Answer

Full Certification Question

The security team at a company has set up an IAM user with full permissions for the EC2 service, yet the user is unable to start an Amazon EC2 instance after it was stopped for maintenance purposes. The instance would change its state to "Pending" but would eventually switch back to "Stopped" with the error "client error on launch". Upon investigating the issue, it was discovered that the EC2 instance had attached Amazon EBS volumes that were encrypted using a Customer Master Key (CMK). Detaching the encrypted volumes from the EC2 instance resolved the issue and allowed the user to start the instance successfully. Following is a snippet of the existing IAM user policy: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ ], "Resource": "arn:aws:kms:::key/kms-encryption-key-for-ebs", "Condition": } ] } You have been tasked to build a solution to fix this issue. What do you recommend? (Select two)