Using Instance Profiles
An instance profile is a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts.
Managing Instance Profiles using the AWS Management Console
If you use the AWS Management Console to create a role for Amazon EC2, the console automatically creates an instance profile and gives it the same name as the role. When you then use the Amazon EC2 console to launch an instance with an IAM role, you can select a role to associate with the instance. In the console, the list that's displayed is actually a list of instance profile names. The console does not create an instance profile for a role that is not associated with Amazon EC2.
Managing Instance Profiles using the AWS CLI, Tools for Windows PowerShell, and AWS API
If you manage your roles from the AWS CLI, Tools for Windows PowerShell, or the AWS API, you create roles and instance profiles as separate actions. You can give the roles and instance profiles different names, so you have to know the names of your instance profiles as well as the names of roles they contain so that you can choose the correct instance profile when you launch an EC2 instance.
An instance profile can contain only one IAM role, although a role can be included in multiple instance profiles. This limit of one role per instance cannot be increased.
You can use the following commands to work with instance profiles in an AWS account.
Create an instance profile
Add a role to an instance profile
List instance profiles
Get information about an instance profile
Remove a role from an instance profile
Delete an instance profile
You can also attach a role to an already running EC2 instance by using the following commands. For more information, see IAM Roles for Amazon EC2.
Attach an instance profile with a role to a stopped or running EC2 instance
Get information about an instance profile attached to an EC2 instance
Tools for Windows PowerShell:
Detach an instance profile with a role from a stopped or running EC2 instance