Domain 1.1: Secure Access — AWS SAA-C03 Practice Question 02

How to approach this question

Always use IAM roles for EC2 instances to access other AWS services. Never use long-term access keys.

Full Answer

B.Create an IAM role with read access to the S3 bucket and attach it to an EC2 instance profile.✓ Correct

An IAM role is an IAM identity that you can create in your account that has specific permissions. An IAM role is similar to an IAM user, but it is not associated with a specific person. Instead, it can be assumed by anyone who needs it. EC2 uses instance profiles as a container for an IAM role.

Common mistakes

Selecting options that involve long-term access keys (IAM users).

A solutions architect is designing an application that will run on Amazon EC2 instances. The application needs to access an Amazon S3 bucket to read configuration files. What is the MOST secure way to grant the EC2 instances access to the S3 bucket?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS SAA-C03 Practice Exam 1

More questions from this exam