1 Answer
- Newest
- Most votes
- Most comments
0
IAM roles can be used on Mac instances as well, since it is possible to connect with Session Manager using IAM roles.
Can you run the following command to check IAM roles without setting access keys, etc.?
aws sts get-caller-identity
Or can I run the following command on EC2 to get the IAM roles from the metadata?
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \
&& curl -H "X-aws-ec2-metadata-token: $TOKEN" –v http://169.254.169.254/latest/meta-data/iam/security-credentials/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
If you cannot access the metadata, access to the metadata may be disabled, so please enable it with the following AWS CLI command.
aws ec2 modify-instance-metadata-options --instance-id i-xxxxxxx --http-endpoint enabled
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago