Deleted roles are being shown in Instance's IAM Role List
The highlighted role "InstanceS3FullAccessRole" is not from my IAM Console and deleted a long back but still appears in this list.
When applied, it has no effect which creates confusion.
I tried creating new roles and deleting them also removes them from this list but not the "InstanceS3FullAccessRole".
How do I get rid of it? Is it a bug?
- 最新
- 投票最多
- 评论最多
Hello.
I think the instance profile remains.
In EC2, IAM roles are not attached directly, but to a resource called an instance profile.
Therefore, even if the IAM role is deleted, if the instance profile remains, it will be displayed when creating EC2.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html
Try finding the instance profile with the AWS CLI command below.
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/iam/list-instance-profiles.html
aws iam list-instance-profiles --query "InstanceProfiles"[]."InstanceProfileName"
If it is not needed, you can delete it using the following command.
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/iam/delete-instance-profile.html
aws iam delete-instance-profile --instance-profile-name InstanceS3FullAccessRole
AWS CLI commands can be executed from CloudShell.
https://docs.aws.amazon.com/cloudshell/latest/userguide/welcome.html
相关内容
AWS 官方已更新 3 年前
