Q: 16
To run an application, a DevOps engineer launches an Amazon EC2 instance with public IP addresses
in a public subnet. A user data script obtains the application artifacts and installs them on the
instances upon launch. A change to the security classification of the application now requires the
instances to run with no access to the internet. While the instances launch successfully and show as
healthy, the application does not seem to be installed.
Which of the following should successfully install the application while complying with the new rule?
Options
Discussion
C tbh, because VPC endpoint for S3 lets instances download artifacts securely with no internet. But does the artifact repo only support S3? If it were on a different service, this might not work and B could be needed.
Be respectful. No spam.
