A company’s web application requires AWS credentials and authorizations to use an AWS service.
Which IAM entity should the company use as best practice?
IAM role
IAM user
IAM group
IAM multi-factor authentication (MFA)
Explanations:
An IAM role is the best practice for granting temporary credentials to web applications, as it allows secure access to AWS resources without using long-term keys.
An IAM user would require long-term credentials, which is less secure and not recommended for applications that only need temporary access to AWS resources.
IAM groups are used to manage permissions for multiple users but are not used directly by applications to obtain temporary credentials for AWS services.
IAM multi-factor authentication (MFA) enhances security for users but does not grant credentials or access permissions needed by web applications.