Using IAM Roles for EC2 Instances

When working with AWS EC2 instances, securely managing permissions is crucial. Instead of manually configuring AWS credentials (which is insecure), we use IAM roles to grant access to AWS services. This article walks through setting up IAM roles for an EC2 instance and why it’s the best practice.


1. Connecting to an EC2 Instance

To begin, connect to your EC2 instance using either:

For simplicity, EC2 Instance Connect is used in this example.

Steps to Connect:

  1. Navigate to the AWS EC2 Console.
  2. Select your EC2 instance and click "Connect".
  3. Choose "EC2 Instance Connect" and click "Connect".
  4. Once inside, verify your connection by running:

```
whoami
```

Expected output: ec2-user

2. Why You Shouldn’t Manually Configure AWS Credentials

When running AWS CLI commands (e.g., listing IAM users):

```
aws iam list-users
```

You might see an error:

"Unable to locate credentials. You can configure credentials by running 'aws configure'."

AWS suggests configuring credentials using: