AWS Certified Developer Associate DVA-C01 – Question244

A Developer has code running on Amazon EC2 instances that needs read-only access to an Amazon DynamoDB table.
What is the MOST secure approach the Developer should take to accomplish this task?

A.
Create a user access key for each EC2 instance with read-only access to DynamoDB. Place the keys in the code. Redeploy the code as keys rotate.
B. Use an IAM role with an AmazonDynamoDBReadOnlyAccess policy applied to the EC2 instances.
C. Run all code with only AWS account root user access keys to ensure maximum access to services.
D. Use an IAM role with Administrator access applied to the EC2 instance.

Correct Answer: D