A company is developing an application that uses multiple AWS services. The application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs.
Which AWS service or feature should the company use to meet these authentication requirements?
The correct service to use for obtaining temporary, limited-privilege credentials for authenticating with other AWS APIs is AWS Security Token Service (AWS STS). AWS STS allows the creation of temporary security credentials that can be used for short-term access to AWS resources. This is particularly useful for applications that require temporary access without exposing long-term credentials.
Amazon API Gateway: While API Gateway is used for creating, publishing, maintaining, monitoring, and securing APIs, it doesn't directly provide temporary credentials for authentication. IAM Users: IAM users are long-term credentials associated with specific users or applications. They are not designed for temporary access and are not suitable for the described use case. AWS Security Token Service (AWS STS): AWS STS is the correct choice for providing temporary, limited-privilege credentials. It enables you to request temporary credentials with a specific set of permissions (via roles), which can be used to authenticate with other AWS services. This is commonly used for scenarios where you need to grant temporary access to resources without exposing long-term credentials. IAM Instance Profiles: IAM instance profiles are used for providing AWS Identity and Access Management (IAM) roles to EC2 instances. While they are related to IAM roles, they are specific to EC2 instances and may not be the most suitable option for non-EC2 services in this scenario. AWS STS is a more generic and flexible solution for temporary credential requirements.
C. AWS Security Token Service (AWS STS) AWS STS provides a way to grant temporary, limited-privilege credentials to users, applications, or services. These temporary credentials can be used to access AWS resources securely without having to use long-term access keys or IAM user credentials.
The answer is C. AWS provides AWS Security Token Service (AWS STS) as a web service that enables you to request temporary, limited-privilege credentials for users. https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
AWS Security Token Service (AWS STS): AWS STS is the correct choice for providing temporary, limited-privilege credentials. It enables you to request temporary credentials with a specific set of permissions (via roles), which can be used to authenticate with other AWS services. This is commonly used for scenarios where you need to grant temporary access to resources without exposing long-term credentials.
Answer C is Correct. Key: "application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs"
correct answer is c
C is correct