Ensure an IAM role is attached to EC2 instance
Error: AWS EC2 Instance IAM Role not enabled
Bridgecrew Policy ID: BC_AWS_IAM_69
Checkov Check ID: CKV_AWS_33
Severity: MEDIUM
Description
AWS provides Identity and Access Management (IAM) roles to securely access AWS services and resources. A role is an identity with permission policies that define what the identity can and cannot do in AWS. As a best practice, create IAM roles and attach them to EC2 instances to manage instance permissions securely, instead of distributing or sharing keys or passwords.
Fix - Buildtime
Terraform
- Resource: aws_instance
- Argument: iam_instance_profile
resource "aws_instance" "pass" {
  ami           = "ami-005e54dee72cc1d00" # us-west-2
  instance_type = "t2.micro"

  # Name of the instance profile that wraps the IAM role for this instance
  iam_instance_profile = "test"

  network_interface {
    network_interface_id = aws_network_interface.foo.id
    device_index         = 0
  }

  credit_specification {
    cpu_credits = "unlimited"
  }
}
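The snippet above references an instance profile by name only. The following added example (not part of the original policy page) shows a failing instance next to a passing one, with the role, trust policy and instance profile defined. All resource names, the AMI ID and the bucket ARN are placeholders, and the read-only S3 permission is an assumed workload.

```hcl
# Added example: names, AMI ID and bucket ARN are placeholders.

# FAILS the check: no iam_instance_profile, so software on the instance
# would need long-lived access keys to call AWS APIs.
resource "aws_instance" "fail" {
  ami           = "ami-00000000000000000" # placeholder AMI ID
  instance_type = "t2.micro"
}

# Trust policy: only the EC2 service may assume this role.
data "aws_iam_policy_document" "ec2_trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "app" {
  name               = "example-app-role"
  assume_role_policy = data.aws_iam_policy_document.ec2_trust.json
}

# Least-privilege permissions (assumed workload: read one bucket).
resource "aws_iam_role_policy" "app_read" {
  name = "example-app-read"
  role = aws_iam_role.app.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = ["s3:GetObject"]
      Resource = "arn:aws:s3:::example-bucket/*"
    }]
  })
}

# The instance profile is the container EC2 uses to hand the role to an instance.
resource "aws_iam_instance_profile" "app" {
  name = "example-app-profile"
  role = aws_iam_role.app.name
}

# PASSES the check: credentials are short-lived and rotated by AWS.
resource "aws_instance" "pass_with_role" {
  ami                  = "ami-00000000000000000" # placeholder AMI ID
  instance_type        = "t2.micro"
  iam_instance_profile = aws_iam_instance_profile.app.name
}
```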