AWS Certified Solutions Architect Associate SAA-C03 Practice Question
An organization is running a web service on a fleet of compute instances within a cloud environment. The service needs fine-grained access to a NoSQL database to perform select data retrieval operations. What is the MOST secure method to provision this access while adhering to best practices for credentials management?
Utilize a user management service to create unique users for every instance, granting them individual permissions to access the database.
Attach an instance profile associated with a role that has the necessary permissions to the compute instances.
Manually rotate and distribute new API keys periodically to the instances and update the service configuration accordingly.
Generate a fixed database user with credentials stored in the web service's configuration files on each instance.