Attach an AWS Identity and Access Management (IAM) role to your existing Amazon EC2 instances in the AWS GovCloud region

Posted on: Apr 20, 2017

You can now attach an AWS Identity and Access Management (IAM) role to your existing Amazon EC2 instances in the AWS GovCloud region, or replace the role that is already attached.

AWS IAM roles enable your applications running on Amazon EC2 to use temporary security credentials that AWS creates, distributes, and rotates automatically. Using temporary credentials reduces the risk of long-term key compromise.

Starting today, you can enable your applications in the AWS GovCloud region to use temporary security credentials provided by AWS by attaching an IAM role to an existing EC2 instance, without relaunching the instance. You can also replace the IAM role attached to an existing EC2 instance, without terminating mission-critical workloads.

To enable IAM roles for your existing EC2 instances, follow the example described in the AWS Security Blog post.