When you create a role for EC2 (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#create-iam-role), you should select EC2 as the service in the first screen of the IAM create role UI. This service is the one that has permission to assume the role, so you need to grant EC2 permission to assume the role in order to provide the credentials to the instance.
On the next screen, where you are attaching policies to the role, you would select SecretsManagerReadWrite, which grants permission for "secretsmanager:*" as well as a number of other permissions. Alternatively, if you know exactly what permissions you need on the instance, you could skip attaching a policy and write a stripped-down inline policy to provide least privilege to the instance.
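
The two documents the answer describes, as an added example that is not part of the original answer: the trust policy that lets EC2 assume the role, and a least-privilege inline policy, with a small check that compares it against a wildcard grant. The secret ARN, account ID and the reduced `BROAD_POLICY` stand-in are constructed placeholders, and the helper functions are hypothetical names.

```python
import json

# Trust policy: choosing "EC2" as the service in the console produces this principal.
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"}]}

# Constructed placeholder ARN; substitute the secret the instance actually reads.
SECRET_ARN = "arn:aws:secretsmanager:us-east-1:111122223333:secret:example/app-config-*"

# Reduced stand-in for the "secretsmanager:*" grant the answer mentions
# (assumption: not the full text of the managed policy).
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "secretsmanager:*", "Resource": "*"}]}

# Inline policy: one read action on one secret.
INLINE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["secretsmanager:GetSecretValue"],
    "Resource": SECRET_ARN}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def trusted_services(trust):
    """Return the service principals allowed to call sts:AssumeRole."""
    services = set()
    for st in _as_list(trust["Statement"]):
        principal = st.get("Principal", {})
        if (st.get("Effect") == "Allow" and isinstance(principal, dict)
                and "sts:AssumeRole" in _as_list(st.get("Action", []))):
            services.update(_as_list(principal.get("Service", [])))
    return services

def wildcard_findings(policy):
    """List Allow statements that use a wildcard action or Resource '*'."""
    findings = []
    for i, st in enumerate(_as_list(policy["Statement"])):
        if st.get("Effect") != "Allow":
            continue
        for action in _as_list(st.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append(f"statement {i}: wildcard action {action}")
        if "*" in _as_list(st.get("Resource", [])):
            findings.append(f"statement {i}: resource *")
    return findings

if __name__ == "__main__":
    print(json.dumps(INLINE_POLICY, indent=2))
    print(wildcard_findings(BROAD_POLICY))
```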