AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
You have an EC2 Instance in development that interacts with the Simple Storage Service. The EC2 Instance is going to be promoted to the production environment. Which of the following features should be used for secure communication between the EC2 Instance and the Simple Storage Service.
Real Exam
Community
RRitesh
0
A
IAM Users
B
IAM Roles
C
IAM Groups
D
IAM policies
Explanation:
IAM Roles are the correct choice for secure communication between EC2 instances and AWS services like S3. Here's why:
- IAM Roles provide temporary security credentials that are dynamically created and rotated automatically
- They are designed specifically for AWS services (like EC2) to assume and access other AWS services
- No long-term credentials (passwords or access keys) are stored on the EC2 instance
- When an EC2 instance assumes a role, it gets temporary security tokens that expire after a set period
- This is more secure than using IAM Users with permanent credentials
Why not the other options:
- IAM Users: Use permanent credentials which are less secure and harder to manage
- IAM Groups: Are for organizing users, not for service-to-service communication
- IAM Policies: Define permissions but don't provide the credential mechanism themselves
For production environments, IAM Roles provide the most secure and manageable solution for EC2 instances to interact with other AWS services.
Comments
Loading comments...