AWS Certified Solutions Architect – Professional — Question 464

Which of the following is true while using an IAM role to grant permissions to applications running on Amazon EC2 instances?

Answer options

• A. All applications on the instance share the same role, but different permissions.
• B. All applications on the instance share multiple roles and permissions.
• C. Multiple roles are assigned to an EC2 instance at a time.
• D. Only one role can be assigned to an EC2 instance at a time.

Correct answer: D

Explanation

An Amazon EC2 instance can only be associated with a single IAM role at any given time, meaning all applications running on that instance share the same role and permissions. It is not possible to attach multiple IAM roles to a single EC2 instance simultaneously, making option D the correct statement. Options A and B are incorrect because applications on the same instance cannot have different roles or distinct permissions derived from multiple roles.