Question 4:
An application running on EC2 instances must use a username and password to access a database. The developer has stored those secrets in the SSM Parameter Store with type SecureString using the default KMS CMK. Which combination of configuration steps will allow the application to access the secrets via the API? Select 2 answers from the options below
Answer options:
A.Add the EC2 instance role as a trusted service to the SSM service role. B.Add permission to use the KMS key to decrypt to the SSM service role. C.Add permission to read the SSM parameter to the EC2 instance role. D.Add permission to use the KMS key to decrypt to the EC2 instance role E.Add the SSM service role as a trusted service to the EC2 instance role.