By googling, I found this tutorial on accessing S3 from EC2 instance without credential file http://parthicloud.com/how-to-access-s3-bucket-from-application-on-amazon-ec2-without-access-credentials/. I followed its instructions and got the desired instance. The aws web console page looks like
但是,我不想每次都使用 Web 控制台手动执行此操作。如何使用 boto3 创建此类 EC2 实例?
I tried
s = boto3.Session(profile_name='dev', region_name='us-east-1')
ec2 = s.resource('ec2')
rc = ec2.create_instances(ImageId='ami-0e297018',
InstanceType='t2.nano',
MinCount=1,
MaxCount=1,
KeyName='my-key',
IamInstanceProfile={'Name': 'harness-worker'},
)
where harness-worker
是有权访问 S3 的 IAM 角色,但仅此而已。
它还用于 aws Web 控制台教程的第一种方法。
然后我得到错误说
ClientError:调用时发生错误(UnauthorizedOperation)
RunInstances 操作:您无权执行此操作
手术。
我明显做错了什么吗?
The dev
配置文件具有 AmazonEC2FullAccess。不带线IamInstanceProfile={'Name': 'harness-worker'},
, create_instances
能够创建实例。