A team has developed an application that works with a DynamoDB table. Now the application is going to be hosted on an EC2 Instance. Which of the following would you implement to ensure that the application has the relevant permissions to access the DynamoDB table?

Answer options:

A.Create an IAM user with the required permissions and ensure the application runs on behalf of the user on the EC2 instance.
B.Create an IAM group with the required permissions and ensure the application runs on behalf of the group on the EC2 instance.
C.Create an IAM Role with the required permissions and ensure that the Role is assigned to the EC2 Instance.
D.Create Access keys with the required permissions and ensure that the Access keys are embedded in the application.

Answer – C
This is also given in the AWS documentation.
Options A and B are incorrect since you need to use IAM Roles.
Option D is incorrect because embedding Access keys is not a secure way to access AWS resources from EC2 Instances.
For more information on managing ID’s in IAM, please refer to the below URL-
https://docs.aws.amazon.com/IAM/latest/UserGuide/id.html