Which solution will grant the application access to the table in the MOST secure manner?
- Create an IAM group for the application and attach a permissions policy with the necessary privileges. Add the EC2 instances to the IAM group.
- Create an IAM resource policy for the DynamoDB table that grants the necessary permissions to Amazon EC2.
- Create an IAM role with the necessary privileges to access the DynamoDB table. Associate the role with the EC2 instances.
- Create an IAM user for the application and attach a permissions policy with the necessary privileges. Generate an access key and embed the key in the application code.
An IAM role [1] can be used to provide permissions for applications that are running on Amazon EC2 instances to make AWS API requests using temporary credentials.
[1] https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/authentication-and-access-control.html