IAM instance roles should be used for AWS resource access from instances

ec2
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This check ensures the EC2 instance uses IAM instance roles for granting resource access. By assigning an IAM role to your instances, you can access AWS resources securely and eliminate the need to manage credentials directly on the instances. IAM instance roles provide temporary credentials that are automatically rotated, reducing the risk of credential leakage and simplifying credential management.

Remediation

For detailed instructions on how to assign an IAM role to an EC2 instance, refer to the IAM Roles for Amazon EC2 User Guide.

It is recommended to create IAM roles that have the minimum permissions required for accessing AWS resources, adhering to the principle of least privilege.