AWS Certified Developer Associate DVA-C02 Practice Question
An engineer needs to automate resource management on a virtual server hosted on a cloud platform. The application must abide by security best practices and not use long-term static credentials. What is the most secure approach for the engineer to facilitate necessary permissions for the application?
Configure the virtual server to use the cloud platform's root user credentials for all management tasks.
Attach an IAM role to the virtual server which has policies corresponding to the required level of access for the application.
Distribute a static user's access and secret keys to the application through the virtual server's launch configuration.
Place access credentials within the application's source code and configure it to reference these for making service requests.
Embed static access credentials with extensive permissions in the environment variables of the virtual server for application use.
Attaching an IAM role to the virtual server instance is considered a security best practice as it provides temporary credentials that are automatically rotated and do not require management or embedding in the application's code. Directly embedding static long-term credentials or using root account credentials is strongly discouraged due to the heightened risk of compromise and the likelihood of violating the principle of least privilege.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an IAM role in cloud computing?
Open an interactive chat with Bash
What are security best practices for using cloud resources?
Open an interactive chat with Bash
Why is embedding static access credentials considered risky?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access