Exam AWS Certified Cloud Practitioner CLF-C02 topic 1 question 108 discussion

For allowing applications running on an Amazon EC2 instance to make secure calls to other AWS services, the recommended AWS service or feature is: C. IAM roles IAM (Identity and Access Management) roles provide a secure way to grant permissions to AWS services and resources. In this scenario, you can create an IAM role with the necessary permissions for the EC2 instance to access other AWS services. Then, you can associate the IAM role with the EC2 instance. Option A (Security groups) is used for controlling inbound and outbound traffic to and from an EC2 instance, but it's not directly related to granting permissions to AWS services.

C. IAM roles: Are used to grant secure and temporary access to AWS services. In this scenario, where a user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services, IAM roles should be used. IAM roles provide a secure way to delegate permissions to entities like EC2 instances without the need for long-term credentials. Option A (Security groups) is used for controlling inbound and outbound traffic to EC2 instances but does not provide secure access to AWS services. Option B (AWS Firewall Manager) is a service used for managing AWS WAF (Web Application Firewall) rules across accounts and applications, and it is not directly related to granting permissions to EC2 instances. Option D (IAM user SSH keys) is specifically related to SSH key pairs for IAM users and is not the appropriate solution for granting access to AWS services from EC2 instances.

C. IAM roles IAM (Identity and Access Management) roles provide a secure way to grant permissions to AWS services and resources. In this scenario, you can create an IAM role with the necessary permissions for the EC2 instance to access other AWS services. Then, you can associate the IAM role with the EC2 instance.

IAM role supplies temporary permissions that applications can use when they make calls to other AWS resources. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

C. IAM roles

Keyword: Amazon EC2 instance to make calls to other AWS services. Here, One AWS service wants to access another AWS services. In AWS wants to access another service by using IAM roles only possible AWS Service -----> Accessed by user == Create IAM User AWS Service -----> Accessed by another AWS service == Create IAM Roles Answer is C. IAM roles

Thanks for all the discussions. bless

I'm seeing wrong answers in alot of questions, Please Admins correct the answers.

C. IAM roles Explication : Les rôles IAM (Identity and Access Management) sont utilisés pour déléguer l'accès aux ressources AWS de manière sécurisée. En attachant un rôle IAM à une instance EC2, les applications s'exécutant sur cette instance peuvent faire des appels sécurisés à d'autres services AWS sans utiliser de longues informations d'identification telles que les clés d'accès. Les rôles IAM sont la méthode recommandée pour accorder un accès sécurisé aux services AWS à partir d'instances EC2.

Answer is C

The correct answer is C: IAM roles

For allowing applications running on an Amazon EC2 instance to make secure calls to other AWS services, the recommended AWS service or feature is: C. IAM roles IAM (Identity and Access Management) roles provide a secure way to grant permissions to AWS services and resources. In this scenario, you can create an IAM role with the necessary permissions for the EC2 instance to access other AWS services. Then, you can associate the IAM role with the EC2 instance.

When an EC2 instance is launched, it can be assigned an IAM role. This role allows the applications running on the instance to make AWS API calls and work with AWS resources by assuming the role. You define the permissions for the applications using the attached IAM policies.

Answer is Security Groups... Key is: The access granted must be secure.

Using an **IAM role** to grant permissions to applications running on Amazon EC2 instances https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

It is asking how to ensure access granted is secure- so Security groups is the right answer.

I think answer is D because Security group and IAM roles serve to define granted access. SSH keys allow to secure access.