AWS Security Blog
Tag: Instance profiles
How to use policies to restrict where EC2 instance credentials can be used from
March 7, 2023: We’ve added language clarifying the requirement around using VPC Endpoints, and we’ve corrected a typo in the S3 bucket policy example. Today AWS launched two new global condition context keys that make it simpler for you to write policies in which Amazon Elastic Compute Cloud (Amazon EC2) instance credentials work only when […]
How to Help Lock Down a User’s Amazon EC2 Capabilities to a Single VPC
As a cloud support engineer, I am frequently asked this question: “How can I lock down my user’s Amazon EC2 access to a single VPC?” This blog post will answer the question and explain how you can help control this level of access through the use of AWS Identity and Access Management (IAM) policies and […]
New in AWS Elastic Beanstalk: Support for Federation and Instance Profiles
In September, the AWS Elastic Beanstalk team announced two new features that involve roles: support for federation and support for instance profiles. Support for federated users means that people in your organization can sign in to the AWS Management Console and manage Elastic Beanstalk using their own credentials, without having to have a IAM user […]
Granting Permission to Launch EC2 Instances with IAM Roles (PassRole Permission)
When you launch an Amazon EC2 instance, you can associate an AWS IAM role with the instance to give applications or CLI commands that run on the instance permissions that are defined by the role. When a role is associated with an instance, EC2 obtains temporary security credentials for the role you associated with the […]