Question #1065
A company deployed an Amazon EC2 instance using the latest Amazon Linux 2023 AMI. Which methods allow a system administrator to securely connect to the instance? (Choose two.)
Use Amazon EC2 Instance Connect.
Use AWS Direct Connect.
Use AWS Cloud9.
Use AWS Systems Manager Session Manager.
Use Amazon API Gateway.
Explanation
A. Amazon EC2 Instance Connect allows secure SSH access using temporary SSH keys managed by AWS, eliminating the need to manage long-term keys. The Amazon Linux 2023 AMI supports this method.
D. AWS Systems Manager Session Manager enables secure connections without opening SSH ports, using IAM policies and encryption. The SSM agent is preinstalled on Amazon Linux 2023 AMIs.
Other options:
B. AWS Direct Connect establishes private network links but does not provide instance access.
C. AWS Cloud9 may use SSH or SSM internally but is not a direct connection method.
E. Amazon API Gateway is for API management, not instance access.
Key Points:
- EC2 Instance Connect uses ephemeral SSH keys.
- Session Manager uses IAM and no open ports.
- Direct Connect and API Gateway are unrelated to instance access.
- Ensure SSM agent is installed (preinstalled on Amazon Linux 2023).
Answer
The correct answer is: AD