🔥 3-day streak
AWS Certified CloudOps Engineer - Associate101 / 159
Question 101 of 159

A CloudOps engineer discovers that an application running on EC2 instances authenticates to Amazon S3 using long-lived IAM user access keys that are hardcoded in a configuration file. A recent security audit flagged this as a compliance violation because the keys have not been rotated in over a year and could be exposed. The engineer must remediate the finding while ensuring the application continues to access S3 with the least operational overhead. What should the engineer do?

Reviewed for accuracy · Report an issueNext question