如何使用現有 IAM 角色調用新的 EC2 實例？ / JavaScript AWS SDK v3 - RunInstancesCommand

Question

如何在 JavaScript 中啟動帶有附加（現有）IAM 角色的 EC2 實例？

我知道這個問題已被問到其他語言，但我找不到 JavaScript 的示例。

我的 JS Lambda 代碼目前看起來像：

const { EC2Client } = require( "@aws-sdk/client-ec2");
const ec2Client = new EC2Client({ region: "eu-central-1" }); 
const {
      CreateTagsCommand,
      RunInstancesCommand,
      TerminateInstancesCommand,
      RunInstancesRequest
  } = require("@aws-sdk/client-ec2");      

const instanceParams = {
      ImageId: "ami-00a844bXXXXXXXXXX",
      InstanceType: "a1.xlarge",
      KeyName: "YourKeyName", 
      MinCount: 1,
      MaxCount: 1,
      SecurityGroupIds: ["sg-XXXXXXXXXXXXX"],
      IamInstanceProfile: "arn:aws:iam::390000000000:instance-profile/NAME" // doesn't work
};

const run = async () => {
  try {
    const data = await ec2Client.send(new RunInstancesCommand(instanceParams));
    console.log(data.Instances[0].InstanceId);
  } catch (err) {
    console.log("Error", err);
  }
}

var ret = await run();

---

文檔：

https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-ec2/interfaces/runinstancescommandinput.html#iaminstanceprofile

---

"@aws-sdk/client-ec2": "^3.44.0",
"@aws-sdk/client-lambda": "^3.45.0",

上面的代碼運行，但 EC2 > Instances > Security 選項卡下的 IAM Role 在我所有的嘗試中都保持為空。

Answer 1

對於 IamInstanceProfile 字段，您需要指定 ARN 或名稱。 嘗試使用以下任何選項：

const instanceParams = {
  ImageId: "ami-00a844bXXXXXXXXXX",
  InstanceType: "a1.xlarge",
  KeyName: "YourKeyName", 
  MinCount: 1,
  MaxCount: 1,
  SecurityGroupIds: ["sg-XXXXXXXXXXXXX"],
  IamInstanceProfile: 
  {
      Name: "NAME"
  }
};

或者

    const instanceParams = {
  ImageId: "ami-00a844bXXXXXXXXXX",
  InstanceType: "a1.xlarge",
  KeyName: "YourKeyName", 
  MinCount: 1,
  MaxCount: 1,
  SecurityGroupIds: ["sg-XXXXXXXXXXXXX"],
  IamInstanceProfile: 
  {
      Arn: "arn:aws:iam::390000000000:instance-profile/NAME"
  }
};

---

JavaScript SDK 運行實例