Identify a true statement about using an IAM role to grant permissions to applications running on
Amazon EC2 instances.
A.
When AWS credentials are rotated, developers have to update only the root Amazon EC2
instance that uses their credentials.
B.
When AWS credentials are rotated, developers have to update only the Amazon EC2 instance on
which the password policy was applied and which uses their credentials.
C.
When AWS credentials are rotated, you don’t have to manage credentials and you don’t have to
worry about long-term security risks.
D.
When AWS credentials are rotated, you must manage credentials and you should consider
precautions for long-term security risks.
Explanation:
Using IAM roles to grant permissions to applications that run on EC2 instances requires a bit of
extra configuration. Because role credentials are temporary and rotated automatically, you don’t
have to manage credentials, and you don’t have to worry about long-term security risks.
http://docs.aws.amazon.com/IAM/latest/UserGuide/role-usecase-ec2app.html