Add Permissions to Your Environment's Instances

Your application is running on more than one EC2 instances behind a load balancer, serving HTTP requests from the internet. When EC2 receives a request that require it to use AWS services, then the application uses the permission of the instance on which it running to access the AWS service.

For example the sample application for Node.js requires permission to write data on Amazon DynamoDB table and to send notifications to Amazon Simple Notification Service (SNS) from Javascript SDK for Node.js.

For doing this add following Managed Policies to default instance profile to grant the EC2 instances the required permission to access DynamoDB and SNS.

  1. AmazonDynamoDBFullAccess.
  2. AmazonSNSFullAccess.

To add policies to the default instance profile

  1. Open the Roles page in the IAM console.

  2. Choose aws-elasticbeanstalk-ec2-role.

  3. On the Permissions tab, under Managed Policies, choose Attach Policy.

  4. Select the managed policy for the additional services that your application uses. For example,AmazonSNSFullAccessorAmazonDynamoDBFullAccess.

  5. Choose Attach Policies.

See Managing Elastic Beanstalk Instance Profiles for more on managing instance profiles.

results matching ""

    No results matching ""