Register
You are working in the media industry, and you have created a web application where users will be able to upload photos they create to your website. This web application must be able to call the S3 API
101k views
1 vote
You are working in the media industry, and you have created a web application where users will be able to upload photos they create to your website. This web application must be able to call the S3 API in order to be able to function. Where should you store your API credentials while maintaining the maximum level of security.

User Cruizer
by
6.4k points

2 Answers

5 votes

Answer:

B. Don't save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it.

Step-by-step explanation:

The missing options is:

A. Save the API credentials to your php files.

B. Don't save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it.

C. Save your API credentials in a public Github repository.

D. Pass API credentials zto the instance using instance userdata.

The API credentials are confidential information that shouldn't be stored at all or in a place that allows public access to it.

The following steps are use when creating and distributing your AWS credentials, you can delegate permission to make API requests using IAM roles as follows:

1. Create an IAM role.

2. Define which accounts or AWS services can assume the role.

3. Define which API actions and resources the application can use after assuming the role.

4. Specify the role when you launch your instance, or attach the role to an existing instance.

So from the above explanation, the answer is: B. Don't save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it.

User Michael Garito
by
5.7k points
0 votes

Answer:

Don't save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it

Step-by-step explanation:

If the aim of the web application is to call the S3 API, for proper functioning, there is no need to store the API credentials to maintain a maximum level of security. All you need to do is to create a role in IAM and then assign the created role to an EC instance at the first moment that it was created. This would ensure that the highest level of security, while still achieving the aim of allowing your web application function properly.

User Paul Ruiz
by
6.1k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

7.2m questions

9.7m answers

Other Questions

Seven basic internal components found in a computer tower
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
This is science they just dont have the subject buy anyways  describe interactions you have with the environment that you depend on to meet your basic needs hope u can help
If a person sends email from a school computer or a business computer, should that message be considered private? Does the institution or person that owns the computer from which email is sent have a right
True or false 1) high resolution images show greater detail & more subtle color transition than low resolution images. 2 ) you can search for multiple words in the search text box by inserting commas between
Link Copied!