Jaishree Mishra

Reputation: 545

IAM role for AWS workspace

I have created AWS WorkSpaces for some users. Is there any way we can add an IAM role to AWS WorkSpaces, the same as we do with EC2 instances, so that they do not need AWS keys and can access AWS services as per the IAM role attached to the workspace?

Upvotes: 6

Views: 4558

Answers (2)

Jac Frall

Reputation: 433

In the environment I'm using, the amazon-ssm-agent periodically refreshes credentials, which can be seen in the file /root/.aws/credentials.

A call to sudo aws sts get-caller-identity returns the role currently in use, in this case the default: AmazonEC2RunCommandRoleForManagedInstances.

You can swap what role a workspace uses through the SSM Fleet Manager. But you can also add policies to the default role.

This has worked for me so far.

credential refresh loop here

Upvotes: 0

John Rotenstein

Reputation: 269302

No. Obtaining credentials via IAM Roles uses the Amazon EC2 Metadata Service, which is not available for Amazon Workspaces.

You will need users to add IAM User credentials to a local credentials file.

Upvotes: 3
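Both answers end with credentials sitting in a local credentials file: refreshed by the agent in one case, pasted IAM User keys in the other. The following is an added example, not code from either answer, that audits such a file and reports which profiles hold long-lived keys and which hold temporary ones, without printing any secret. It assumes the standard shared credentials file keys (aws_access_key_id, aws_secret_access_key, aws_session_token) and the AKIA/ASIA access key ID prefixes; the function name and the sample data are constructed for illustration.

```python
import configparser
import os

# Constructed sample of a shared credentials file; every value is fake.
SAMPLE = """\
[default]
aws_access_key_id = ASIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructedSecretValue
aws_session_token = constructedSessionToken

[deploy]
aws_access_key_id = AKIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructedSecretValue
"""


def classify_profiles(text):
    """Map each profile to 'temporary', 'long-lived' or 'incomplete'."""
    # RawConfigParser: no % interpolation, which secrets could trip over.
    parser = configparser.RawConfigParser(default_section="__unused__")
    parser.read_string(text)
    result = {}
    for name in parser.sections():
        key_id = parser.get(name, "aws_access_key_id", fallback="").strip()
        secret = parser.get(name, "aws_secret_access_key", fallback="").strip()
        token = parser.get(name, "aws_session_token", fallback="").strip()
        if not key_id or not secret:
            result[name] = "incomplete"
        elif token:
            # Session token present: STS-issued credentials that expire.
            result[name] = "temporary"
        elif key_id.startswith("ASIA"):
            # Temporary key ID without its token cannot authenticate.
            result[name] = "incomplete"
        else:
            # Static IAM User key (AKIA...): valid until rotated or deleted.
            result[name] = "long-lived"
    return result


if __name__ == "__main__":
    path = os.path.expanduser("~/.aws/credentials")
    if os.path.exists(path):
        with open(path, encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for profile, kind in sorted(classify_profiles(text).items()):
        print(f"{profile}: {kind}")  # profile names only, never key material
```

Profiles reported as long-lived are the ones to put on a rotation schedule and scope with a least-privilege policy.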
