AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A company needs to allow an application running in an EC2 instance to consume messages from an SQS message queue sitting in a separate AWS account. How should they securely configure this access, with the least cost and configuration effort involved?
Enable cross-account replication for the message queue.
Modify the message queue's access policy to allow the EC2 instance's IAM role to consume messages.
Attach an IAM role to the EC2 instance that grants permissions to consume messages.
Share the message queue using a resource access manager.