The most secure and AWS-recommended way to transfer files from an EC2 instance to an S3 bucket is to create an IAM role with the necessary permissions for the required S3 API calls, and then associate that role with the EC2 instance. This allows the application running on the instance to access S3 securely, without the need to manage and store static access keys, which can be less secure. Therefore, the correct answer is C.