Manualshelf

User guide

ManualsBrandsAmazon ManualsComputer equipmentAWS SDK
31323334353637383940
Related Resources
The following table lists related resources that you'll find useful when using Amazon EC2 with the AWS
SDK for Java.
DescriptionResource
Provides sample code, documentation, tools, and additional
resources to help you build applications on Amazon Web
Services.
Java Developer Center
Provides documentation for the AWS SDK for Java.AWS SDK for Java Documentation
Provides documentation for the Amazon EC2 service.Amazon Elastic Compute Cloud
(Amazon EC2) Documentation
Using IAM Roles for EC2 Instances with the AWS
SDK for Java
When writing software that accesses Amazon Web Services (AWS), you must always consider how you
will manage authentication credentials: all requests to AWS must be cryptographically signed using
credentials issued by AWS.
For software that runs on Amazon Elastic Compute Cloud (Amazon EC2) instances which are, by definition,
internet-accessible servers, you must manage AWS credentials in a way that keeps them secure but also
makes them accessible to your application so it can make AWS requests.
Using IAM roles for EC2 instances is a secure, effective way to provide AWS credentials to applications
that run on EC2 instances. This section will describe what IAM roles for EC2 instances are, how they're
used, and then show you how it works with a simple Java program.
Note
For complete information about using IAM Roles for EC2 instances, see Using Identity and
Access Management in the AWS Identity and Access Management User Guide.
Topics
How Applications Obtain AWS Credentials Using IAM Roles for EC2 Instances (p. 29)
Using IAM Roles with the SDK for Java (p. 30)
Walkthrough: Using IAM Roles to Retrieve an Amazon S3 Object from an EC2 Instance (p. 30)
How Applications Obtain AWS Credentials Using IAM Roles
for EC2 Instances
Using IAM roles, you can develop software and deploy it to an EC2 instance without needing to directly
manage the credentials that your software uses to access AWS. Instead, you create an IAM role and
configure it with the permissions that your software requires.Your application can then use this role to
access AWS through an instance profile, a logical container for the IAM role you defined that is associated
with your EC2 instance.
Note
Instance profiles that can be assigned to EC2 instances are automatically created whenever a
new IAM role is created on the AWS Management Console, so if you use the IAM console to
create your roles, you won't need to create instance profiles directly.
Version v1.0.0
29
AWS SDK for Java Developer Guide
Using IAM Roles for EC2 Instances