Topic 1 Question 387
A developer is creating a new batch application that will run on an Amazon EC2 instance. The application requires read access to an Amazon S3 bucket. The developer needs to follow security best practices to grant S3 read access to the application.
Which solution meets these requirements?
Add the permissions to an IAM policy. Attach the policy to a role. Attach the role to the EC2 instance profile.
Add the permissions inline to an IAM group. Attach the group to the EC2 instance profile.
Add the permissions to an IAM policy. Attach the policy to a user. Attach the user to the EC2 instance profile.
Add the permissions to an IAM policy. Use IAM web identity federation to access the S3 bucket with the policy.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: A
using an IAM role attached to an EC2 instance profile with the appropriate IAM policy for S3 read access is the best practice. This approach ensures that the EC2 instance has the necessary permissions without embedding credentials or using less appropriate methods.
👍 4rdiaz2024/07/11
シャッフルモード