Exam AWS Certified Cloud Practitioner topic 1 question 279 discussion

C. Use an IAM role with the necessary permissions.

AWS security best practices recommend using IAM roles to grant permissions to AWS resources, including S3 buckets. By attaching an IAM role to the EC2 instances, applications running on those instances can securely access the S3 bucket without needing to use access keys or credentials directly. This approach provides a more secure and manageable way to grant access to AWS resources from EC2 instances.

C. Use an IAM role with the necessary permissions.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

correct

C is the answer.

"Use IAM roles for applications and AWS services that require Amazon S3 access

Use IAM roles for applications and AWS services that require Amazon S3 access For applications on Amazon EC2 or other AWS services to access Amazon S3 resources, they must include valid AWS credentials in their AWS API requests. You should not store AWS credentials directly in the application or Amazon EC2 instance. These are long-term credentials that are not automatically rotated and could have a significant business impact if they are compromised. Instead, you should use an IAM role to manage temporary credentials for applications or services that need to access Amazon S3. When you use a role, you don't have to distribute long-term credentials (such as a user name and password or access keys) to an Amazon EC2 instance or AWS service such as AWS Lambda. The role supplies temporary permissions that applications can use when they make calls to other AWS resources.

"Use IAM roles for applications and AWS services that require Amazon S3 access" https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html