IAM Quiz

B. Ensure that the Autoscaling Group attaches an IAM Role attached to the underlying EC2 Instances.

Applications must sign their API requests with AWS credentials. Therefore, if you are an application developer, you need a strategy for managing credentials for your applications that run on EC2 instances. For example, you can securely distribute your AWS credentials to the instances, enabling the applications on those instances to use your credentials to sign requests, while protecting your credentials from other users. However, it’s challenging to securely distribute credentials to each instance, especially those that AWS creates on your behalf, such as Spot Instances or instances in Auto Scaling groups. You must also be able to update the credentials on each instance when you rotate your AWS credentials.

We designed IAM roles so that your applications can securely make API requests from your instances, without requiring you to manage the security credentials that the applications use.

Option A is incorrect since using Access keys is the least secure option

Option C is incorrect since the IAM policy is not the right option , you have to use IAM Roles instead

Option D is incorrect since you need to use IAM Roles and not IAM Users

For more information on IAM Roles for EC2, please refer to the below URL

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html