Answer-first summary for fast verification
Answer: IAM Roles
IAM Roles are the correct choice for secure communication between EC2 instances and AWS services like S3. Here's why: - **IAM Roles** provide temporary security credentials that are dynamically created and rotated automatically - They are designed specifically for AWS services (like EC2) to assume and access other AWS services - No long-term credentials (passwords or access keys) are stored on the EC2 instance - When an EC2 instance assumes a role, it gets temporary security tokens that expire after a set period - This is more secure than using IAM Users with permanent credentials **Why not the other options:** - **IAM Users**: Use permanent credentials which are less secure and harder to manage - **IAM Groups**: Are for organizing users, not for service-to-service communication - **IAM Policies**: Define permissions but don't provide the credential mechanism themselves For production environments, IAM Roles provide the most secure and manageable solution for EC2 instances to interact with other AWS services.
Author: Ritesh Yadav
Ultimate access to all questions.
You have an EC2 Instance in development that interacts with the Simple Storage Service. The EC2 Instance is going to be promoted to the production environment. Which of the following features should be used for secure communication between the EC2 Instance and the Simple Storage Service.
A
IAM Users
B
IAM Roles
C
IAM Groups
D
IAM policies
No comments yet.