Reputation: 4511
How can we apply IAM Roles to an ec2 instance?
I am exploring amazon IAM Roles. I want to know how can we apply IAM roles to an ec2 instance to access an application.
Any lead is highly appreciated.
Thanks
Upvotes: 2
Views: 1172
Answers (1)
Reputation: 14905
You can attach a Role to an Instance to provide this instance with specific permissions to use AWS API.
For example : You deploy a Java application on Tomcat and you want your application to use DynamoDB or S3 ... you need an ACCESS KEY and SECRET KEY with proper permission. How would your application get these ? A configuration file ? Burned into the AMI ? Stored in a database ? ... none of these are secure and manageable at large scale.
This is where Role kicks in.
- you define a role in IAM and attach a couple of permission to it.
- when you create the instance, you attach the role (you can not do that at a later time !)
- from the instance, a private web service will give access to temporary ACCESS KEY and SECRET KEY, limited to the permissions specified in the role.
The best part is that AWS SDK are knowing about that and can dynamically and automatically get the keys for you.
Check out the doc for more details : http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
Upvotes: 3
Related Questions
- IAM Roles and instance profile
- How to assign IAM role to users or groups
- How to add an IAM role to an existing instance in AWS?
- Attach IAM role to multiple EC2 instances
- AWS: Assinging IAM roles to IAM users
- Is there any alternative to add IAM role to my Running EC2 instance?
- Applying IAM roles to ECS instances
- How to apply IAM Role to EC2 instance?
- How can I create IAM Roles for Amazon EC2?
- how do I launch ec2-instance with iam-role?