/// <summary> /// Create the instance profile that will give permission for the EC2 instance to make request to Amazon S3. /// </summary> /// <returns></returns> static string CreateInstanceProfile() { var client = new AmazonIdentityManagementServiceClient(); var roleName = Args.Value("Role"); CreateRole(); CreateRolePolicy(); var response = client.CreateInstanceProfile(new CreateInstanceProfileRequest { InstanceProfileName = roleName }); return(response.InstanceProfile.Arn); }
public void IdentityManagementServiceCreateInstanceProfile() { #region 5d84e6ae-5921-4e39-8454-10232cd9ff9a var client = new AmazonIdentityManagementServiceClient(); var response = client.CreateInstanceProfile(new CreateInstanceProfileRequest { InstanceProfileName = "Webserver" }); InstanceProfile instanceProfile = response.InstanceProfile; #endregion }
static string CreateInstanceProfile() { var roleName = "ec2-sample-" + RESOURCDE_POSTFIX; var client = new AmazonIdentityManagementServiceClient(); client.CreateRole(new CreateRoleRequest { RoleName = roleName, AssumeRolePolicyDocument = @"{""Statement"":[{""Principal"":{""Service"":[""ec2.amazonaws.com""]},""Effect"":""Allow"",""Action"":[""sts:AssumeRole""]}]}" }); var statement = new Amazon.Auth.AccessControlPolicy.Statement(Amazon.Auth.AccessControlPolicy.Statement.StatementEffect.Allow); statement.Actions.Add(S3ActionIdentifiers.AllS3Actions); statement.Resources.Add(new Resource("*")); var policy = new Policy(); policy.Statements.Add(statement); client.PutRolePolicy(new PutRolePolicyRequest { RoleName = roleName, PolicyName = "S3Access", PolicyDocument = policy.ToJson() }); var response = client.CreateInstanceProfile(new CreateInstanceProfileRequest { InstanceProfileName = roleName }); client.AddRoleToInstanceProfile(new AddRoleToInstanceProfileRequest { InstanceProfileName = roleName, RoleName = roleName }); return(response.InstanceProfile.Arn); }