Mac EC2 instance is not allowed to upload files to S3 without using access key/private key

0

We have Windows EC2 instances with roles and policies configured to allow access (read/write) to an S3 bucket, and the Python code running on these instances does not provide an access key or private key and works fine. The same approach applied to EC2 Mac instances is not working. I'd like to know: is this supported on Mac instances?

The error message from the Python code running on the EC2 Mac instance is: botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

The policy action associated with the machine role is: "Action": "s3:*",

asked a year ago, 244 views
1 Answer
0

IAM roles can be used on Mac instances as well, since it is possible to connect with Session Manager using IAM roles.
Can you run the following command to check IAM roles without setting access keys, etc.?

aws sts get-caller-identity

Or can you run the following command on EC2 to get the IAM roles from the metadata?

TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \
&& curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/iam/security-credentials/

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

If you cannot access the metadata, access to the metadata may be disabled, so please enable it with the following AWS CLI command.

aws ec2 modify-instance-metadata-options --instance-id i-xxxxxxx --http-endpoint enabled

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/modify-instance-metadata-options.html

EXPERT
answered a year ago
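
The metadata check from the answer above, written in Python as an added example (not part of the original answer and not AWS's own code). Going one step beyond the answer, it also lists credential sources that boto3 tries before the instance role, since a leftover key on the Mac would be used instead of the role; the function names `imds_role` and `shadowing_sources` are hypothetical.

```python
import os
import urllib.request

IMDS = "http://169.254.169.254"  # link-local instance metadata endpoint


def imds_role(base=IMDS, timeout=2):
    """Return the IAM role name(s) that IMDSv2 reports for this instance."""
    # Step 1: request an IMDSv2 session token with a PUT.
    req = urllib.request.Request(
        base + "/latest/api/token", method="PUT",
        headers={"X-aws-ec2-metadata-token-ttl-seconds": "21600"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        token = resp.read().decode()
    # Step 2: list the role attached through the instance profile.
    req = urllib.request.Request(
        base + "/latest/meta-data/iam/security-credentials/",
        headers={"X-aws-ec2-metadata-token": token})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode().split()


def shadowing_sources(environ=os.environ, home=os.path.expanduser("~")):
    """Credential sources botocore checks before the instance metadata provider."""
    found = []
    if environ.get("AWS_ACCESS_KEY_ID"):
        found.append("env:AWS_ACCESS_KEY_ID")
    cred_file = environ.get("AWS_SHARED_CREDENTIALS_FILE",
                            os.path.join(home, ".aws", "credentials"))
    if os.path.isfile(cred_file):
        found.append("file:" + cred_file)
    return found


if __name__ == "__main__":
    print("sources used ahead of the role:", shadowing_sources() or "none")
    try:
        print("instance role:", imds_role())
    except OSError as exc:  # URLError, HTTPError and timeouts are OSError subclasses
        print("IMDS unreachable or no role attached:", exc)
```

If `shadowing_sources()` returns anything, `aws sts get-caller-identity` will show that identity rather than the instance role.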
