AWS advises to store credentials on EC2 instances instead of using IAM roles. Is this statement true or false?

Storing credentials on EC2 instances is not advisable, making the statement false. Instead, AWS encourages the use of IAM roles for EC2 instances. IAM roles provide a secure and efficient way to manage access to AWS resources without the need to hard-code credentials into the instance.

When IAM roles are assigned to EC2 instances, they automatically provide temporary security credentials to applications running on the instance, which can be rotated automatically. This eliminates the risks associated with static credentials which might be leaked or compromised. Using IAM roles enhances security best practices by minimizing credential exposure and streamlining credential management.

The advantages of using IAM roles include improved security and reduced operational overhead. By avoiding storing long-term credentials on the instance, you also reduce the risk of those credentials being exposed if the instance is compromised. Overall, leveraging IAM roles aligns with cloud security principles, providing a more robust and manageable solution for access control.