Correct answer - "Use an IAM role" : This is the most secure option as the role assigned to EC2
can be used to access S3 without storing any credentials onto the EC2 instance.
"Create an IAM programmatic user and store the access key and secret access key on the EC2
~/.aws/credentials file." - While this would work, this is deeply unsecure as
anyone gaining access to the EC2 instance would be able to steal the credentials stored in that
file.
"Use EC2 User Data" - EC2 User Data is used to run bootstrap scripts at an instance's first
launch.
"Create an S3 bucket policy which authorises public access" - While this would work, it would
allow anyone to access your S3 bucket files which is very insecure.