Answer-first summary for fast verification
Answer: Create an IAM role with permissions limited to necessary S3 access and attach it to the EC2 instance.
The recommended security best practice in this scenario is to use an IAM role with the necessary permissions. Attaching this role to the EC2 instance allows the application to securely interact with Amazon S3 without embedding long-term access credentials in the application code. Option C, which suggests creating an IAM role with necessary access to Amazon S3 and attaching it to the EC2 instance, is the correct answer. This approach ensures that the application follows the principle of least privilege and enhances security by using temporary credentials managed by AWS.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company is migrating a non-critical application to AWS, specifically to an Amazon EC2 instance, which will interact with an Amazon S3 bucket. What is the recommended security best practice for enabling this interaction?
A
Assign an IAM role with full AWS administrative privileges to the EC2 instance.
B
Create an IAM user with the AdministratorAccess policy and integrate the access credentials into the application code for S3 communication via AWS SDK.
C
Create an IAM role with permissions limited to necessary S3 access and attach it to the EC2 instance.
D
Generate an IAM user with a policy granting required S3 access, then incorporate the access key and secret into the application code for AWS SDK-based S3 interactions.