AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
Which of the following is the secure way of using AWS API to call AWS services from EC2 Instances
Exam-Like
Community
RRitesh
A
IAM Users
B
IAM Roles
C
IAM Groups
D
IAM policies
Explanation:
IAM Roles are the secure way to use AWS API from EC2 instances because:
-
IAM Roles provide temporary security credentials that are automatically rotated
-
They don't require storing long-term credentials (access keys/passwords) on the EC2 instance
-
Roles can be assumed by the EC2 instance service, eliminating the need to manage credentials
-
Temporary credentials reduce the risk of credential exposure
-
AWS automatically manages the credential lifecycle
Why other options are less secure:
-
IAM Users: Require long-term access keys that must be stored on the instance
-
IAM Groups: Are containers for users, not credentials themselves
-
IAM Policies: Define permissions but don't provide credentials
The AWS documentation confirms that IAM roles are intended to be assumable by anyone who needs them and provide temporary security credentials dynamically.
Comments
Loading comments...