run awless on an EC2 node with an IAM role directly

wallix / awless

A Mighty CLI for AWS

http://awless.io/

Apache License 2.0

4.97k stars 263 forks source link

run awless on an EC2 node with an IAM role directly #163

Closed sandeepkunkunuru closed 6 years ago

sandeepkunkunuru commented 6 years ago

Can awless be run on an ec2 node with an IAM role directly? i.e. without having to use access keys or .aws/credentials

fxaguessy commented 6 years ago

Yes, you can run awless on an instance on which you gave an IAM role, without any configuration.

If you want to provision such an instance with awless, have a look for example to this template which creates a role with ReadOnly permissions and create an instance with pre-installed awless.

simcap commented 6 years ago

Indeed, @sandeepkunkunuru or here is a simple blueprint on how to do it with an IAM readonly role

# my awless-template-file.aws
roleName = MyRole
create role name=$roleName principal-service="ec2.amazonaws.com" sleep-after=10
attach policy role=$roleName service=iam access=readonly
create instance name=MyInstance keypair={my-keypair}  role=$roleName

sandeepkunkunuru commented 6 years ago

Thanks this is very helpful.