AWS Certified Security - Specialty (#78)

An application has been built with Amazon EC2 instances that retrieve messages from Amazon SQS. Recently, IAM changes were made and the instances can no longer retrieve messages. What actions should be taken to troubleshoot the issue while maintaining least privilege. (Select two.)

Configure and assign an MFA device to the role used by the instances.
Verify that the SQS resource policy does not explicitly deny access to the role used by the instances.
Verify that the access key attached to the role used by the instances is active.
Attach the AmazonSQSFullAccess managed policy to the role used by the instances.
Verify that the role attached to the instances contains policies that allow access to the queue.