More Info:

IAM Roles/Instance profiles should be used instead of IAM Access Keys to appropriately grant access permissions to any application that perform AWS API requests running on your EC2 instances.

Risk Level

Medium

Address

Security

Compliance Standards

SOC2, NIST

Triage and Remediation

Remediation

Using Console

Additional Reading: