AWS DevOps Engineer Professional DOP-C01 – Question275

You have an application running on an Amazon EC2 instance and you are using IAM roles to securely access AWS Service APIs. How can you configure your application running on that instance to retrieve the
API keys for use with the AWS SDKs?

A.
When assigning an EC2 IAM role to your instance in the console, in the "Chosen SDK" dropdown list, select the SDK that you are using, and the instance will configure the correct SDK on launch with the API keys.
B. Within your application code, make a GET request to the IAM Service API to retrieve credentials for your user.
C. When using AWS SDKs and Amazon EC2 roles, you do not have to explicitly retrieve API keys, because the SDK handles retrieving them from the Amazon EC2 MetaData service.
D. Within your application code, configure the AWS SDK to get the API keys from environment variables, because assigning an Amazon EC2 role stores keys in environment variables on launch.

Correct Answer: C