Amazon AWS SDK Uživatelský manuál stáhnout pdf (Strana 15)

Updating the Sample Program to Use IAM Roles

Next, we'll update the program to run within an EC2 instance using IAM roles.To do this, we'll take the

following actions.

1. Create an IAM role using the AWS Management Console (p.12)

2. Launch an EC2 instance with the corresponding instance profile (p. 13)

3. Remove the credentials from your source file (p. 14)

4. Transfer the modified source to your EC2 instance (p.15)

5. Run the program within the EC2 instance (p. 15)

We'll now examine each of these steps in detail.

Create an IAM role using the AWS Management Console

The first step is to create an IAM role that has the appropriate permissions.To create the IAM role, follow

the procedure Creating a IAM Role in Using IAM.

When creating the role, select Amazon EC2 as the role type, and then select Amazon S3 Read Only

Access as the permission type:

Policies can also be represented in JSON format.The following JSON block describes the policy for

Amazon S3 read-only access.

{

"Statement": [

{

"Effect": "Allow",

"Action": [

"s3:Get*",

Version v1.0.0

AWS SDK for Ruby Developer Guide

Updating the Sample Program to Use IAM Roles

1 2 ... 10 11 12 13 14 15 16 17 18 19 20 ... 25 26

Žádné komentáře

Amazon AWS SDK Uživatelský manuál Strana 15