What is the primary purpose of AWS IAM roles?

The primary purpose of AWS IAM (Identity and Access Management) roles is to delegate permissions to AWS services securely without relying on static credentials, which is precisely what makes option C the correct choice. IAM roles are designed to provide temporary access to AWS resources, enabling users or services to perform actions on those resources while maintaining security best practices.

IAM roles are particularly useful when you want to safeguard your application, systems, or users from exposing long-term credentials. Instead of embedding credentials directly in the code or configuration files, roles allow you to assign permissions dynamically to entities such as AWS Lambda functions, EC2 instances, or other AWS services. This enhances security, as the roles can grant the necessary permissions only for the time that those services require them, reducing the potential for unauthorized access.

The other options focus on specific functionalities that fall outside the scope of what IAM roles are established for. Storing data in Amazon S3 relates to data management rather than permission delegation, managing billing and accounts pertains to financial aspects of your AWS usage, and providing network security features is related to the protection of data during transit and at rest, typically involving services like AWS VPC, rather than IAM roles. Thus, option C accurately reflects the core function of AWS IAM roles in the context