如何为Amazon EC2创建IAM角色? [英] How can I create IAM Roles for Amazon EC2?

问题描述

我正在探索IAM角色.我想知道如何在EC2上代表用户访问角色.

I am exploring IAM Roles. I am wondering how roles can be accessed on behalf of a user on EC2.

我们非常感谢您的帮助.

Any help is highly appreciated.

谢谢

推荐答案

使用

You usually do not have to do anything special after launching an EC2 instance with an IAM Role for Amazon EC2 (I figure from your duplicate questions, that you've already done this), conceptually all you have to do are the following steps:

1. 为EC2创建IAM角色
2. 为该角色配置IAM策略以匹配您的用例
3. 使用您的IAM角色启动EC2重要性
4. 使用IAM角色识别工具，该工具会自动从角色中获取凭据

1. create an IAM role for EC2
2. configure IAM policies for that role to match your use case
3. launch an EC2 isntance with your IAM role
4. use IAM role aware tools, which will pick up the credentials from the role automatically

让我再次强调最后一个方面:您无需执行任何操作，只需在角色上配置所需的IAM凭据，并且IAM角色感知工具将从EC2实例元数据中自动提取结果凭据！

Let me stress the last aspect again: you do not need to do anything but configure the required IAM credentials on the role and IAM role aware tools will pick the resulting credentials up automatically from the EC2 instance metadata!

• 如果确实需要(但不应该，请参见下一段)，则可以按照尤其是，对于高度特殊的用例，您应仅通过以下方式之一使用AWS:

  In particular, you should use AWS only by one of the following means for everything but highly special use cases:

  • Unix/Linux/Windows-使用 AWS命令行界面，它是用于管理您的AWS服务的统一工具.
    • 请参见
    • Unix/Linux/Windows - use the AWS Command Line Interface, which is a unified tool to manage your AWS services.
      • see Option #3 within AWS Credentials regarding the IAM role support
      • 请参阅使用适合您选择的语言的AWS开发工具包，请参阅 Amazon Web Services工具广泛列出可用的内容.

        Use the appropriate AWS SDK for your language of choice, see Tools for Amazon Web Services for an extensive listing of what's available.

        • 有关IAM角色支持的详细信息，请参见每个SDK的文档(同样，在正确实施上述步骤1-3之后，它才可以工作.)

        这篇关于如何为Amazon EC2创建IAM角色?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！