Пример CloudFormation для передачи во внутрь EC2 инстанса «ACCESS_KEY» и «SECRET_KEY» прямо из IAM для доступа к S3 Bucket используя AWS-Cli.
AWSTemplateFormatVersion: "2010-09-09"
Description: 'Auto create VPC with instance'
########################################### BLOCK WITH ENVIRONMENTS ###########################################
Parameters:
ProjectName:
Type: String
Default: ArtemPool
Description: Name of project.
SSHKeyName:
Type: String
Default: artem
Description: Name of SSH key.
Image:
Type: String
Default: ami-0ff8a91507f77f867
Description: Image for instance (Default - Amazon Linux, if you changes it, you must install AWS-Cli manualy)
ConstraintDescription: (ami-0ff8a91507f77f867 - Amazon Linux)
Region:
Type: String
Default: us-east-1b
Description: Region (Default - U.S. Virginia)
####################################### BLOCK WITH IAM FOR ACCESS TO S3 ######################################
Resources:
myaccesskey:
Type: AWS::IAM::AccessKey
Properties:
UserName: artem-s3
########################################## BLOCK WITH EC2 INSTANCES ##########################################
Ec2Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: !Ref Image
InstanceType: t2.micro
KeyName: !Ref SSHKeyName
BlockDeviceMappings:
-
DeviceName: /dev/sdm
Ebs:
VolumeType: io1
Iops: 200
DeleteOnTermination: true
VolumeSize: 20
UserData:
Fn::Base64: !Sub ACCESS_KEY=${myaccesskey}&&SECRET_KEY=${myaccesskey.SecretAccessKey}
Outputs:
AccessKeyformyaccesskey:
Value:
!Ref myaccesskey
SecretKeyformyaccesskey:
Value: !GetAtt myaccesskey.SecretAccessKey
###############################################################################################################