DVA-C02 - Security - Section 2.2
Grant least-privilege application access using IAM roles and AWS STS temporary credentials rather than long-lived access keys.
Grant least-privilege application access by attaching IAM roles to compute resources rather than embedding long-lived access keys in code. Use AWS STS AssumeRole to obtain temporary security credentials scoped to the minimum permissions required for cross-account or cross-service access.
IAM rolesAWS STSAssumeRoleTemporary security credentials
More in this domain
Back to all Security objectives, or the DVA-C02 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.