Explanation: Amazon EC2 uses SSH keys, Windows passwords, and security groups to control who has access tothe operating system of specific Amazon EC2 instances. There’s no method in the IAM system toallow or deny access to the operating system of a specific instance. http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UseCases.html