Answer-first summary for fast verification
Answer: Create an IAM role with S3 bucket permissions., Attach an instance profile with the IAM role to the EC2 instance.
To securely make API requests to an Amazon S3 bucket from an Amazon EC2 instance, you should use IAM roles rather than IAM users to avoid the need to store and manage credentials manually. Option B, creating an IAM role with permissions to the S3 bucket, is correct because roles are designed for this purpose. Option C, attaching an instance profile with the IAM role to the EC2 instance, is also correct because it ensures the EC2 instance can assume the role and obtain the necessary permissions to access the S3 bucket securely.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can an application on an Amazon EC2 instance securely make API requests to an Amazon S3 bucket? (Choose two best practices.)
A
Create an IAM user with S3 bucket access and add to an IAM group.
B
Create an IAM role with S3 bucket permissions.
C
Attach an instance profile with the IAM role to the EC2 instance.
D
Assign an IAM role with S3 permissions to an IAM group.
E
Store IAM user credentials in EC2 instance environment variables.
No comments yet.