CLF-C02 Domain 2: Security and Compliance

Which IAM entity is intended for applications and AWS services to call AWS APIs?

Multiple choice — select one answer

Answer choices

  1. a. Public access keys in code repos, without security or identity team coordination per policy.
  2. b. Rely on IAM role alone while omitting the cross-service integration the workload needs
  3. c. Root user for daily tasks, without security or identity team coordination per policy.
  4. d. IAM role

Architectural breakdown & explanation

Roles provide temporary credentials without embedding long-term keys.

Correct answer(s): d. IAM role

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.