Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 52 discussion

Amazon API Gateway: While API Gateway is used for creating, publishing, maintaining, monitoring, and securing APIs, it doesn't directly provide temporary credentials for authentication. IAM Users: IAM users are long-term credentials associated with specific users or applications. They are not designed for temporary access and are not suitable for the described use case. AWS Security Token Service (AWS STS): AWS STS is the correct choice for providing temporary, limited-privilege credentials. It enables you to request temporary credentials with a specific set of permissions (via roles), which can be used to authenticate with other AWS services. This is commonly used for scenarios where you need to grant temporary access to resources without exposing long-term credentials. IAM Instance Profiles: IAM instance profiles are used for providing AWS Identity and Access Management (IAM) roles to EC2 instances. While they are related to IAM roles, they are specific to EC2 instances and may not be the most suitable option for non-EC2 services in this scenario. AWS STS is a more generic and flexible solution for temporary credential requirements.

AWS Security Token Service (AWS STS) is a service that enables the creation of temporary, limited-privilege credentials for AWS resources. It is used for scenarios where you need to authenticate API requests with temporary credentials that are valid for a specific duration and are assigned limited permissions.

AWS Security Token Service (AWS STS): AWS STS is the correct choice for providing temporary, limited-privilege credentials. It enables you to request temporary credentials with a specific set of permissions (via roles), which can be used to authenticate with other AWS services. This is commonly used for scenarios where you need to grant temporary access to resources without exposing long-term credentials.

C. AWS Security Token Service (AWS STS)

c is ok

correct answer is c

AWS Security Token Service (AWS STS): AWS STS is the correct choice for providing temporary, limited-privilege credentials. It enables you to request temporary credentials with a specific set of permissions (via roles), which can be used to authenticate with other AWS services. This is commonly used for scenarios where you need to grant temporary access to resources without exposing long-term credentials.

C is correct

Answer C is Correct. Key: "application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs"

C. AWS Security Token Service (AWS STS) AWS STS provides a way to grant temporary, limited-privilege credentials to users, applications, or services. These temporary credentials can be used to access AWS resources securely without having to use long-term access keys or IAM user credentials.

The answer is C. AWS provides AWS Security Token Service (AWS STS) as a web service that enables you to request temporary, limited-privilege credentials for users. https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html