An application running on EC2 needs to access an S3 bucket. What is the most secure way to grant access?
IAM roles are the secure method for granting permissions to EC2.
Why this answer
Using an IAM role attached to the EC2 instance is the most secure because it provides temporary credentials and avoids hardcoding keys. Option B (IAM user keys on the instance) is less secure. Option C (bucket policy with public access) is insecure.
Option D (pre-signed URLs) is not suitable for ongoing access.