DEV Community

Sajid Rashid

Setting Up an IAM Role for Terraform on EC2

Introduction

When running Terraform on AWS EC2, it's best practice to use an IAM role instead of manually managing AWS access keys. An IAM role allows Terraform to securely authenticate and access AWS resources. This guide will walk you through the process of creating an IAM role, attaching it to an EC2 instance, and verifying the setup.

Step 1: Create an IAM Role with Permissions

1. Log in to AWS Management Console

  • Navigate to the AWS IAM Console.

2. Create a New IAM Role

  • In the IAM dashboard, click Roles in the left-hand menu.

  • Click Create role.

3. Select Use Case

  • Under Trusted entity type, choose AWS service.

  • Under Use case, select EC2 (since the role will be used by an EC2 instance).

  • Click Next.

4. Attach Policies (Permissions)

Choose the necessary permissions for Terraform to run. Some commonly used policies include:

  • AdministratorAccess (Full access to AWS services).

  • AmazonS3FullAccess (For managing S3 buckets).

  • AmazonEC2FullAccess (For full EC2 resource access).

Select the required policies and click Next.

5. Configure Tags (Optional)

Add tags if needed for identification or tracking.

  • Click Next.

6. Review and Create Role

  • Provide a name (e.g., Terraform-EC2-Role).

  • Review policies and click Create role.

Step 2: Attach the IAM Role to Your EC2 Instance

1. Go to the EC2 Dashboard

  • Navigate to the AWS EC2 Console.

2. Select Your EC2 Instance

  • Under Instances, find and select the EC2 instance where Terraform will run.

3. Modify the IAM Role

  • With the instance selected, click Actions.

  • Navigate to Security > Modify IAM Role.

4. Attach the IAM Role

  • Select the IAM role created earlier (Terraform-EC2-Role).

  • Click Update IAM Role.

Step 3: Verify IAM Role is Attached to the EC2 Instance

1. Check IAM Role in EC2 Dashboard

  • Select the instance and check the Description tab.

  • Ensure the IAM role field shows the assigned role (Terraform-EC2-Role).

2. Verify Permissions from EC2 Instance

  • SSH into your EC2 instance:

    ssh ec2-user@<your-ec2-public-ip>

  • Run the following command:

    aws sts get-caller-identity

This should return details about the IAM role attached to the instance.

Step 4: Run Terraform on EC2

With the IAM role attached, Terraform will automatically authenticate with AWS, eliminating the need for manual AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY configuration.

1. Run Terraform Commands:

    terraform init
    terraform plan
    terraform apply

Terraform will now use the IAM role to authenticate with AWS and manage resources.
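Steps 1 and 2 expressed as Terraform, as an added example that is not from the original post: it creates the same role and EC2 trust relationship, the instance profile the console adds implicitly, and a Terraform-runner instance with the role attached. The region, instance type and the ami_id variable are assumptions; the role name is the one the post uses.

```hcl
provider "aws" {
  region = "us-east-1" # assumption: use the region your instance lives in
}

variable "ami_id" {
  type = string # assumption: AMI for the runner instance, supplied by the caller
}

# Trust policy: only the EC2 service may assume this role. This is the document
# the console's "AWS service / EC2" use case generates.
data "aws_iam_policy_document" "ec2_trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "terraform_ec2" {
  name               = "Terraform-EC2-Role"
  assume_role_policy = data.aws_iam_policy_document.ec2_trust.json
}

# Permissions: attach only what the Terraform code on the instance needs.
# AmazonS3FullAccess is one of the managed policies the post lists; prefer it
# (or a narrower customer-managed policy) over AdministratorAccess.
resource "aws_iam_role_policy_attachment" "s3" {
  role       = aws_iam_role.terraform_ec2.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonS3FullAccess"
}

# An instance receives a role through an instance profile. The console creates
# one with the same name implicitly; in Terraform it is explicit.
resource "aws_iam_instance_profile" "terraform_ec2" {
  name = "Terraform-EC2-Role"
  role = aws_iam_role.terraform_ec2.name
}

resource "aws_instance" "terraform_runner" {
  ami                  = var.ami_id
  instance_type        = "t3.micro" # assumption
  iam_instance_profile = aws_iam_instance_profile.terraform_ec2.name

  # Require IMDSv2: the role's temporary credentials are only served to callers
  # that first obtain a session token, and hop limit 1 keeps the response from
  # being forwarded beyond the instance's own network stack.
  metadata_options {
    http_tokens                 = "required"
    http_put_response_hop_limit = 1
  }
}
```

Because this configuration defines the role the runner will use, apply it once from an already-authenticated workstation or pipeline; afterwards Terraform on the instance authenticates through the instance profile without any access keys.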

Follow me for more tips :)
