An organization is running a web service on a fleet of compute instances within a cloud environment. The service needs fine-grained access to a NoSQL database to perform select data retrieval operations. What is the MOST secure method to provision this access while adhering to best practices for credentials management?
Manually rotate and distribute new API keys periodically to the instances and update the service configuration accordingly.
Utilize a user management service to create unique users for every instance, granting them individual permissions to access the database.
Generate a fixed database user with credentials stored in the web service's configuration files on each instance.
Attach an instance profile associated with a role that has the necessary permissions to the compute instances.