User guide
your Amazon EC2 instance. When you create the Amazon EC2 instance, specify the IAM role that you
created previously in the IAM console.
When you create your Amazon EC2 instance, you will also need to specify a key pair and a security
group. Specify a key pair for which you have the private key (PEM file) stored on your local computer.
Specify a security group that will enable you to connect to your Amazon EC2 instance using RDP (port
3389). Information about key pairs and security groups is provided in the Amazon Elastic Compute Cloud
User Guide.
For information about how to programmatically launch an Amazon EC2 instance with an IAM role, see
Launch Amazon EC2 Instances (p. 48).
Edit the Source File to Remove the Credentials
Edit the source for the program so that it does not specify any credentials in the call that creates the
Amazon S3 client. In this new version of the program, the call to CreateAmazonS3Client no longer
takes any parameters.
using ( client = Amazon.AWSClientFactory.CreateAmazonS3Client() ) {
Build the modified program.You might actually run the program on your local computer to verify that it
does not work without credentials; you will get an Amazon Service Exception.
using System;
using System.Configuration;
using System.Collections.Specialized;
using System.IO;
using Amazon.S3;
using Amazon.S3.Model;
namespace s3.amazon.com.docsamples.retrieveobject
{
class S3Sample
{
static string bucketName = "text-content";
static string keyName = "text-object.txt";
static IAmazonS3 client;
public static void Main(string[] args) {
NameValueCollection appConfig = ConfigurationManager.AppSettings;
string responseBody;
try {
using (client = Amazon.AWSClientFactory.CreateAmazonS3Client(RegionEnd
point.USWest2)) {
Console.WriteLine("Retrieving (getting) an object");
GetObjectRequest request = new GetObjectRequest() {
BucketName = bucketName,
Key = keyName
};
Version v2.0.0
36
AWS SDK for .NET Developer Guide
Walkthrough: Using IAM Roles to Retrieve an Amazon
S3 Object from an Amazon EC2 Instance