AWS Certified Cloud Practitioner (CLF-C02) — Question 73

A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure.
Which AWS service or feature should be used?

Answer options

• A. Security groups
• B. AWS Firewall Manager
• C. IAM roles
• D. IAM user SSH keys

Correct answer: C

Explanation

The correct answer is IAM roles, as they allow EC2 instances to assume permissions securely and access other AWS services without embedding credentials. Security groups and AWS Firewall Manager are focused on network security, while IAM user SSH keys are used for user authentication rather than providing service access.