A developer is working on an application that is deployed on an Amazon EC2 instance. The application needs to transfer a file to an Amazon S3 bucket.
What should the developer do to authenticate the application's access to the S3 bucket in the MOST secure way?
A. Create an access key for an IAM user. Store the access key in the application's environment variables.
B. Create an IAM role. Create an access key for the role. Store the access key in the application's environment variables.
C. Associate an IAM role with the EC2 instance. Use the instance metadata service to retrieve the credentials.
D. Configure a bucket policy for the S3 bucket. Allow access from the EC2 instance ID in the bucket policy.
What should the developer do to authenticate the application's access to the S3 bucket in the MOST secure way?
A. Create an access key for an IAM user. Store the access key in the application's environment variables.
B. Create an IAM role. Create an access key for the role. Store the access key in the application's environment variables.
C. Associate an IAM role with the EC2 instance. Use the instance metadata service to retrieve the credentials.
D. Configure a bucket policy for the S3 bucket. Allow access from the EC2 instance ID in the bucket policy.