A company is deploying a three-tier web application consisting of a web server tier, application server tier, and a database tier. How should the organization restrict each tier to only the permissions necessary for their specific operations?
Remove all permissions from instances in each tier to maximize security and prevent potential security incidents.
Employ root user credentials for all instances to maintain simplicity in permissions management and ensure full access to resources.
Distribute administrative credentials to instances in all tiers, ensuring they have sufficient permissions for any action they might need to perform.
Assign tailored IAM roles to each EC2 instance in the respective tiers with only the permissions necessary for their functions.