so I have been trying to figure out how to attach policies to my EC2 instance such that I can use the SSM functionality. While doing so I tried:
response = ec2_client.associate_iam_instance_profile(
IamInstanceProfile ={
'Arn': 'arn:aws:iam::808608558017:role/AmazonSSMRoleForInstancesQuickSetup'
'Name': 'AmazonSSMRoleForInstancesQuickSetup'
},
InstanceId= ID
)
which throws the following error:
ClientError: An error occurred (InvalidParameterValue) when calling the AssociateIamInstanceProfile operation: Value (arn:aws:iam::808608558017:role/AmazonSSMRoleForInstancesQuickSetup) for parameter iamInstanceProfile.arn is invalid. Invalid IAM Instance Profile ARN
I copy-pasted the arn.
but,
response = ec2_client.associate_iam_instance_profile(
IamInstanceProfile ={
'Name': 'AmazonSSMRoleForInstancesQuickSetup'
},
InstanceId= ID
)
works fine.
documentation for the same seems to suggest that the former should work instead of the latter. I am a little confused about why:)
IAM role ARN ≠ Instance profile ARN, so just use the name is sufficient
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.