which of the following NOT true about delegating permis…

In the context of IAM roles for Amazon EC2, which of the following NOT true about delegating
permission to make API requests?

In the context of IAM roles for Amazon EC2, which of the following NOT true about delegating
permission to make API requests?

A.
You cannot create an IAM role.

B.
You can have the application retrieve a set of temporary credentials and use them.

C.
You can specify the role when you launch your instances.

D.
You can define which accounts or AWS services can assume the role.

Explanation:
Amazon designed IAM roles so that your applications can securely make API requests from your
instances, without requiring you to manage the security credentials that the applications use.
Instead of creating and distributing your AWS credentials, you can delegate permission to make
API requests using IAM roles as follows: Create an IAM role. Define which accounts or AWS
services can assume the role. Define which API actions and resources the application can use
after assuming the role. Specify the role when you launch your instances. Have the application
retrieve a set of temporary credentials and use them.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html



Leave a Reply 3

Your email address will not be published. Required fields are marked *


VSR

VSR

B it is!

Donathon Ong

Donathon Ong

The answer says “cannot” which is not true.

Nepoleon

Nepoleon

A is the Correct One