AWS Identity and Access Management (IAM) roles for EC2 instances make it easier for you to access other AWS services securely from within the EC2 instances. EC2 instances launched with an IAM role automatically have AWS security credentials available.
You can use IAM roles with Auto Scaling to automatically enable applications running on your EC2 instances to securely access other AWS resources.
To launch EC2 instances with an IAM role in Auto Scaling, you'll have to create an Auto Scaling launch configuration with an EC2 instance profile. An instance profile is simply a container for an IAM role. First, create an IAM role that has all the permissions required to access the AWS resources, then add your role to the instance profile.
For more information about IAM roles and instance profiles, see Delegating API Access by Using Roles in the IAM User Guide guide.
Use these steps for launching Auto Scaling instances with an IAM role. Before you walk, be sure you've completed the following steps using IAM:
Create an IAM role.
Create an instance profile.
Add the IAM role to the instance profile.
Retrieve the name of the instance profile or the full Amazon Resource Name (ARN) of the instance profile.
For more information about creating and managing an IAM role, see Create a Role in the IAM User Guide guide.
When you create the launch configuration, specify the name of the instance profile or the full ARN of the instance profile.
For example, use the following create-launch-configuration command:
aws autoscaling create-launch-configuration --launch-configuration-name
Create your Auto Scaling group, specifying the launch configuration that you just created.
For example, use the following create-auto-scaling-group command:
aws autoscaling create-auto-scaling-group --launch-configuration-name