A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure.
Which AWS service or feature should be used?
A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure.
Which AWS service or feature should be used?
To allow applications running on an Amazon EC2 instance to make calls to other AWS services securely, IAM roles should be used. IAM roles provide temporary security credentials that applications can use to make secure API requests to AWS services. Unlike long-term credentials, IAM roles help maintain security and reduce the risk of compromised credentials by automatically rotating them.
For allowing applications running on an Amazon EC2 instance to make secure calls to other AWS services, the recommended AWS service or feature is: C. IAM roles IAM (Identity and Access Management) roles provide a secure way to grant permissions to AWS services and resources. In this scenario, you can create an IAM role with the necessary permissions for the EC2 instance to access other AWS services. Then, you can associate the IAM role with the EC2 instance. Option A (Security groups) is used for controlling inbound and outbound traffic to and from an EC2 instance, but it's not directly related to granting permissions to AWS services.
C. IAM roles: Are used to grant secure and temporary access to AWS services. In this scenario, where a user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services, IAM roles should be used. IAM roles provide a secure way to delegate permissions to entities like EC2 instances without the need for long-term credentials. Option A (Security groups) is used for controlling inbound and outbound traffic to EC2 instances but does not provide secure access to AWS services. Option B (AWS Firewall Manager) is a service used for managing AWS WAF (Web Application Firewall) rules across accounts and applications, and it is not directly related to granting permissions to EC2 instances. Option D (IAM user SSH keys) is specifically related to SSH key pairs for IAM users and is not the appropriate solution for granting access to AWS services from EC2 instances.
The correct answer is C. AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You can use IAM features to securely provide credentials for applications that run on EC2 instances. These credentials provide permissions for your application to access other AWS resources. https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html
I agree with C - IAM Roles but not with your explanation or reference. Your explanation is about IAM in general whereas the answer C is specific to IAM roles. "You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources." Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
I'm seeing wrong answers in alot of questions, Please Admins correct the answers.
When an EC2 instance is launched, it can be assigned an IAM role. This role allows the applications running on the instance to make AWS API calls and work with AWS resources by assuming the role. You define the permissions for the applications using the attached IAM policies.
I think answer is D because Security group and IAM roles serve to define granted access. SSH keys allow to secure access.
A - Security group is correct because it is asking how to secure the access granted( IAM ROLES), not what is required to grant access( which is the IAM role).
C - IAM Roles. Roles are used to allow users or services access to other AWS resources.
C. IAM roles Explication : Les rôles IAM (Identity and Access Management) sont utilisés pour déléguer l'accès aux ressources AWS de manière sécurisée. En attachant un rôle IAM à une instance EC2, les applications s'exécutant sur cette instance peuvent faire des appels sécurisés à d'autres services AWS sans utiliser de longues informations d'identification telles que les clés d'accès. Les rôles IAM sont la méthode recommandée pour accorder un accès sécurisé aux services AWS à partir d'instances EC2.
Answer is C
The correct answer is C: IAM roles
For allowing applications running on an Amazon EC2 instance to make secure calls to other AWS services, the recommended AWS service or feature is: C. IAM roles IAM (Identity and Access Management) roles provide a secure way to grant permissions to AWS services and resources. In this scenario, you can create an IAM role with the necessary permissions for the EC2 instance to access other AWS services. Then, you can associate the IAM role with the EC2 instance.
Answer is Security Groups... Key is: The access granted must be secure.
Using an **IAM role** to grant permissions to applications running on Amazon EC2 instances https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html
It is asking how to ensure access granted is secure- so Security groups is the right answer.
A: incorrect becouse Security groups is a FW service
C. IAM roles