
Associate a Role to a running AWS instance

In order to run the AWS monitoring scripts (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/mon-scripts-perl.html) on one of my existing EC2 instances, I need an IAM role associated with the instance.

I found a lot of documentation to launch an instance with a role... But nothing to link a role to an existing instance.

Is it possible?

If not, what can I do? Launch a new instance with a role and transfer the volumes to it?

PGuiv asked May 01 '14 20:05


People also ask

Can you attach a role to running EC2 instance?

To attach an IAM role to an instance: Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. In the navigation pane, choose Instances. Select the instance, choose Actions, Security, Modify IAM role. Select the IAM role to attach to your instance, and choose Save.

What are the benefits of using IAM roles for applications that run on EC2 instances?

Use IAM roles/instance profiles instead of IAM access keys to grant access permissions to any application running on your Amazon EC2 instances that performs AWS API requests. With IAM roles you can avoid sharing long-term credentials and protect your instances against unauthorized access.

Can we attach running EC2 instance to ASG?

Amazon EC2 Auto Scaling provides you with the option of attaching one or more EC2 instances to your existing Auto Scaling group. After an instance is attached, it is considered part of the Auto Scaling group.


1 Answer

If not, what can I do? Launch a new instance with a role and transfer the volumes to it?

This is one option, but it might take you a long time if you have a lot of instances.

The other option is to simply use IAM by creating a new user, then adding the Amazon CloudWatch PutMetricData operation permission to that user. Then, create AWS credentials for that user and finally use them as per the docs that you specified:

Optional: If you aren't using an IAM role, update the awscreds.template file that you downloaded earlier. The content of this file should use the following format:

AWSAccessKeyId=YourAccessKeyID

AWSSecretKey=YourSecretAccessKey

Also set the environment variable AWS_CREDENTIAL_FILE to point to that awscreds.template in the environment of the user that is running the mon-scripts-perl.

Rico answered Sep 19 '22 03:09
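Added example, not part of Rico's answer or the AWS documentation: the access-key route above leaves long-term credentials on disk, so this bash sketch creates the credentials file as owner-only and checks it before AWS_CREDENTIAL_FILE is pointed at it. The function names write_awscreds and check_awscreds and any sample values are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: create and validate the credentials file used by the monitoring
# scripts. Function names are hypothetical; pass your own key values as arguments.

# write_awscreds FILE ACCESS_KEY_ID SECRET_KEY
# Creates the file with mode 600 before any secret is written to it.
write_awscreds() {
    ( umask 077 && : >> "$1" && chmod 600 "$1" &&
      printf 'AWSAccessKeyId=%s\nAWSSecretKey=%s\n' "$2" "$3" > "$1" )
}

# check_awscreds FILE -> 0 if safe to use, 1 otherwise (reasons on stderr)
check_awscreds() {
    local file rc mode key
    file=$1
    rc=0
    if [ ! -f "$file" ]; then
        echo "missing: $file" >&2
        return 1
    fi
    # Long-term keys must be readable by the owning user only.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case "$mode" in
        600|400) ;;
        *) echo "mode $mode on $file, expected 600 or 400" >&2; rc=1 ;;
    esac
    # Each key must appear exactly once, in KEY=value form, with a non-empty value.
    for key in AWSAccessKeyId AWSSecretKey; do
        if [ "$(grep -c "^${key}=..*" "$file")" -ne 1 ]; then
            echo "$key missing, empty or duplicated" >&2
            rc=1
        fi
    done
    # Values left over from awscreds.template mean the file was never filled in.
    if grep -Eq '=(YourAccessKeyID|YourSecretAccessKey)$' "$file"; then
        echo "template placeholder still present in $file" >&2
        rc=1
    fi
    return $rc
}

# Usage, as the user that runs the monitoring scripts (path is an assumption):
#   export AWS_CREDENTIAL_FILE="$HOME/awscreds.conf"
#   check_awscreds "$AWS_CREDENTIAL_FILE" || exit 1
```

Run the check from the same cron job or wrapper that launches the monitoring scripts, so a file whose permissions were later loosened is caught before the keys are used.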