EC2 security
Diving deeper into our VPC, we are now going to look at ways to enhance the security around our EC2 instances.
IAM Roles
IAM EC2 Roles are the recommended way to grant your application access to AWS services.
As an example, let us assume we had a web app running on our web server EC2 instance and it needs to be able to upload assets to S3.
A quick way of satisfying that requirement would be to create a set of IAM access keys and hardcode those into the application or its configuration. This however means that from that moment on it might not be very easy to update those keys unless we perform an app/config deployment. Furthermore, we might for one reason or another end up re-using the same set of keys with other applications.
The security ...
Get Implementing DevOps on AWS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.