AWS Certified Solutions Architect - Professional (#78)

A company wants to migrate its website from an on-premises data center onto AWS. At the same time, it wants to migrate the website to a containerized microservice-based architecture to improve the availability and cost efficiency. The company’s security policy states that privileges and network permissions must be configured according to best practice, using least privilege. A Solutions Architect must create a containerized architecture that meets the security requirements and has deployed the application to an Amazon ECS cluster. What steps are required after the deployment to meet the requirements? (Choose two.)

Create tasks using the
bridge
network mode.
Create tasks using the
awsvpc
network mode.
Apply security groups to Amazon EC2 instances, and use IAM roles for EC2 instances to access other resources.
Apply security groups to the tasks, and pass IAM credentials into the container at launch time to access other resources.
Apply security groups to the tasks, and use IAM roles for tasks to access other resources.