In which situations should a company create an IAM user instead of an IAM role?

By:
On:
In: CLF-C01
Tagged:
With: 0 Comments

In which situations should a company create an IAM user instead of an IAM role?

(Choose two.)

When an application that runs on Amazon EC2 instances requires access to other AWS services

When the company creates AWS access credentials for individuals

When the company creates an application that runs on a mobile phone that makes requests to AWS

When the company needs to add users to IAM groups

When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time

Explanations:

IAM roles are more suitable for applications running on EC2 instances because roles provide temporary credentials when needed.

IAM users are created to provide AWS access credentials for individual users, making this option correct.

Applications on mobile devices should use roles or Amazon Cognito for access, as roles provide temporary credentials.

IAM users can be added to IAM groups, so creating IAM users is appropriate in this case.

IAM roles are preferred for single sign-on from a corporate network, as they can assume roles without creating separate users.

Leave a Reply

Your email address will not be published. Required fields are marked *

8 − two =