Home › Forums › AWS › AWS Certified Solutions Architect Professional › Clarification on reference versus associate instance profile (property) role
-
Clarification on reference versus associate instance profile (property) role
MaheshGupta updated 4 years, 4 months ago 3 Members · 3 Posts -
Scenario: CloudFormation/DynamoDB/without exposing API credentials
“Launch an IAM Role that has the required permissions to read and write from the DynamoDB table. Reference the IAM Role in the instance profile property of the application instance.”
OR
“Launch an IAM Role that has the required permissions to read and write from the required DynamoDB table. Associate the Role to the application instances by referencing an instance profile.”
Please explain the difference between these 2 answers, as it is not done in the explanation.
Thanks,
Robert -
Hi Robert,
Thank you for pointing this up.
As the two options are very similar, we will update the choices for this question to better separate the two.
Cheers,
Kenneth Samonte @ Tutorials Dojo
-
Hi Kung,
This is cloudformation related question so you need to reference the Instance Role. please see below
AWSTemplateFormatVersion: “2010-09-09”
Resources:
MyInstanceProfile:
Type: “AWS::IAM::InstanceProfile”
Properties:
Path: “/”
Roles:
–
Ref: “MyRole”
-
Log in to reply.