Which of the following items are required to allow an application deployed on an EC2 instance to write data to a DynamoDB table? Assume that no security keys are allowed to be stored on the EC2 instance.
Choose 2 answers from the options below.
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A and B.
The AWS documentation mentions the following.
We designed IAM roles so that your applications can securely make API requests from your instances, without requiring you to manage the security credentials that the applications use.
Instead of creating and distributing your AWS credentials, you can delegate permission to make API requests using IAM roles
For more information on IAM Roles, please refer to the below URL:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.htmlThe two correct answers are A and B.
To allow an application deployed on an EC2 instance to write data to a DynamoDB table, you can use an IAM role. IAM roles are temporary security credentials that can be assumed by EC2 instances, applications, or services in order to access AWS resources securely.
Here's how you would set up an IAM role to allow write access to a DynamoDB table:
A. Create an IAM Role that allows write access to the DynamoDB table.
B. Add an IAM Role to a running EC2 instance.
After completing these steps, the EC2 instance will have the necessary permissions to write data to the DynamoDB table using the IAM role you created.
Option C and D are not correct because IAM users are meant for human users and are not suitable for granting access to applications running on EC2 instances. IAM roles are the recommended way to grant permissions to EC2 instances, as they can be easily managed and rotated without requiring changes to the EC2 instances themselves.