Setting up EC2
My org has a lot of EC2 servers and S3 buckets. If I wanted to add some code, what else do I need to set up apart from giving read/write permission to the S3 objects/buckets? Do I need to set up a different user, or any other rules? I don't think a VPC is needed.
And what about security if I allow users to upload files and eventually save them to the S3 bucket?
Yes, the IAM role and inline policy are needed, and also a tagged bucket policy for S3 to allow the workload having this IAM role. There may be a need to pass the role to the instance too. The link will step through an example.
https://docs.databricks.com/administration-guide/cloud-configurations/aws/iam-roles.html
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html
If you are using an EC2 server, it is recommended that you use an IAM role that has the necessary permissions to access your buckets. When launching your EC2 instance you will assign it that role. This makes it easier for you, since you then won't have to handle any keys or passwords when connecting to the S3 buckets, as that will be handled in the background for you.
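An added example, not part of either answer above: the two JSON documents an EC2 instance role needs (a trust policy for the EC2 service and an inline read/write policy scoped to one bucket), plus a small check that flags statements broader than that. The bucket name, prefix and function names are assumptions made for illustration.

```python
import json

def _as_list(value):
    # IAM accepts a single value or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]

def ec2_trust_policy():
    """Trust policy that lets the EC2 service assume the role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "ec2.amazonaws.com"},
        "Action": "sts:AssumeRole"}]}

def bucket_rw_policy(bucket, prefix=""):
    """Inline policy: read/write objects under one prefix, list that one bucket."""
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "ObjectReadWrite", "Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": f"arn:aws:s3:::{bucket}/{prefix}*"},
        {"Sid": "ListBucket", "Effect": "Allow",
         "Action": "s3:ListBucket",
         "Resource": f"arn:aws:s3:::{bucket}"}]}

def audit(policy):
    """Return findings for Allow statements wider than a single bucket needs."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        for action in _as_list(stmt.get("Action", [])):
            if action in ("*", "s3:*"):
                findings.append(f"{sid}: wildcard action {action}")
        for res in _as_list(stmt.get("Resource", [])):
            if res in ("*", "arn:aws:s3:::*", "arn:aws:s3:::*/*"):
                findings.append(f"{sid}: resource {res} covers every bucket")
    return findings

# Constructed sample: a broad policy of the kind attached "just to get it working".
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Sid": "Everything", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

if __name__ == "__main__":
    # "example-upload-bucket" and "uploads/" are placeholder values.
    print(json.dumps(ec2_trust_policy(), indent=2))
    print(json.dumps(bucket_rw_policy("example-upload-bucket", "uploads/"), indent=2))
    print(audit(BROAD))
```
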
ASKER
@anthony - thanks. I'm still wrapping my head around the concept of cloud infrastructure.
If I set up an EC2 instance and I need more such EC2 instances based on demand, AWS should take care of that, right?
Or do I have to set that up as well, or can it be done with some startup script that will configure enough EC2 instances with the proper IAM role?