Attaching AWS IAM Roles To EC2 Instances
Attach an AWS IAM Role to an Existing EC2 Instance
You can now attach or replace an AWS Identity and Access Management (IAM) role to your existing Amazon EC2 instance. IAM roles enable your applications running on EC2 to use temporary security credentials that AWS creates, distributes, and rotates automatically. Using temporary credentials reduces the risk of long-term key compromise.
A role can be assigned whilst the EC2 instance is running and takes affect immediately.
Overview of the Solution.
- Create the IAM Role.
- Assign to Matillion ETL EC2 instance.
Create an IAM role
Note: Skip this section if you want to assign an existing role.
- Sign in to the IAM console at https://console.aws.amazon.com/iam/.
- In the navigation pane, choose Roles, Create New Role.
- On the Set Role Name page, enter a name (e.g. MatillionRole) for the role and choose Next Step.
- On the Select Role Type page, choose Select next to Amazon EC2.
- On the Attach Policy page, add managed policies defined here.
Assign an IAM Role to a Matillion ETL instance
- In the navigation pane, choose EC2 Dashboard.
- Select the EC2 instance for Matillion ETL.
- From the Actions menu, choose Instance Settings → Attach/Replace IAM Role
- Choose the role from the drop-down and click Apply.