Which of the below mentioned options is a possible solution to avoid any security threat?
An organization has created an application which is hosted on the AWS EC2 instance. The application stores images to S3 when the end user uploads to it. The organization does not want to store the AWS secure credentials required to access the S3 inside the instance.
Which of the below mentioned options is a possible solution to avoid any security threat?
A . Use the IAM based single sign between the AWS resources and the organization application.
B . Use the IAM role and assign it to the instance.
C . Since the application is hosted on EC2, it does not need credentials to access S3.
D . Use the
E . 509 certificates instead of the access and the secret access keys.
Answer: B
Explanation:
The AWS IAM role uses temporary security credentials to access AWS services. Once the role is assigned to an instance, it will not need any security credentials to be stored on the instance.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
Latest AWS-Solution-Architect-Associate Dumps Valid Version with 986 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund