Roles are used to allow AWS services to perform actions on your behalf. Roles are used to grant specific privileges to specific actors.

Roles are more secure than storing your access key and secret access key on individual EC2

Roles are easier to manage.

Previously this option was not available.

Roles are universal; you can use them in any region.

Steps to create a role and attach it to an EC2 instance:

  1. Navigate to the IAM dashboard to create an IAM role.
  2. Select the Roles option from the dashboard and select the “Create Role” option.

3. There are four options for roles. We are going to create this role under “AWS Services” and select EC2.

4. After selecting EC2, we have to select the appropriate use case. We want the EC2 instance to call AWS services on our behalf, so select EC2 and click on Next: Permissions.

5. In this step, we have to select the policy. You can generate a new policy based on your requirements or choose an existing policy.

6. Select the appropriate role based on your requirement; I am selecting the Administrator Access role. Then select Review.

7. On the review page, give the role a name and a valid description and select the Create Role option.

8. Now launch an EC2 instance and try to access/call any AWS service to verify the role.

9. I logged into the EC2 instance, elevated privileges to root, and looked for the .aws directory under /, but could not find it. That means we don’t have any credentials on the instance.

10. Try to access any AWS service; here I am trying to list the S3 buckets with the aws s3 ls command.

11. We are able to access the resources, and nowhere are we storing the access key ID and secret access key.
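
The check from steps 9 to 11 can be scripted. This is an added example, not part of the original page: it looks for stored access keys and confirms that the identity making API calls is the instance role. The function names are hypothetical, and it assumes the AWS CLI is installed on the instance.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# Print each AWS CLI credentials/config file under the given home
# directories that holds a stored access key (an aws_access_key_id entry).
find_static_keys() {
  for dir in "$@"; do
    for f in "$dir/.aws/credentials" "$dir/.aws/config"; do
      if [ -f "$f" ] && grep -qiE '^[[:space:]]*aws_access_key_id[[:space:]]*=' "$f"; then
        printf '%s\n' "$f"
      fi
    done
  done
}

# Classify the caller ARN reported by `aws sts get-caller-identity`.
# Credentials delivered through an EC2 role appear as an assumed-role
# session whose session name is the instance ID (i-...).
classify_arn() {
  case "$1" in
    arn:*:sts::*:assumed-role/*/i-*) echo "instance-role" ;;
    arn:*:sts::*:assumed-role/*)     echo "assumed-role" ;;
    arn:*:iam::*:user/*)             echo "iam-user" ;;
    arn:*:iam::*:root)               echo "root" ;;
    *)                               echo "unknown" ;;
  esac
}

# Succeeds only if no stored keys exist and the caller is the instance role.
audit_instance() {
  found=$(find_static_keys /root /home/*)
  if [ -n "$found" ]; then
    printf 'stored keys found in:\n%s\n' "$found"; return 1
  fi
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ]; then
    echo "access key set in the environment"; return 1
  fi
  arn=$(aws sts get-caller-identity --query Arn --output text) || return 2
  kind=$(classify_arn "$arn")
  echo "$kind: $arn"
  [ "$kind" = "instance-role" ]
}

# Run the audit only when asked, e.g.  sh audit.sh --audit
if [ "${1:-}" = "--audit" ]; then audit_instance; fi
```

Keys set in the environment or in a credentials file take precedence over the role in the CLI's credential lookup, which is why the script checks for them before asking STS who the caller is.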

Steps to attach or replace a role on a running instance:

  1. Select the instance and go to the Actions button; Attach/Replace IAM Role is under Instance Settings.

2. Select the IAM role field; it automatically drops down the available roles along with the No Role option. Select the required option and click on Apply. It will take effect immediately.

Instance Metadata:

Instance metadata is data about your instance that you can use to configure or manage the running instance. It is unique in that it is a mechanism to obtain AWS properties of the instance from within the OS. Using the URL below, we can query the local instance metadata.

curl http://169.254.169.254/latest/meta-data/

When you enter this URL, it returns all the available information you can get. Append the required option after meta-data/ and you’ll get that information.

Steps to get the instance Metadata:
  1. I’ve logged into my EC2 instance
  2. Enter the metadata URL

3. It returns all the available options; now, whatever information you want to get, give it along with the URL.

Ex: if you want to know the hostname, use curl http://169.254.169.254/latest/meta-data/hostname
