Use IAM roles for EC2 instances
All Gruntwork modules that require AWS API access use roles rather than an IAM user with static API credentials for authentication. For example:
-
terraform-aws-server
is used to manage a single EC2 instance with an IAM role attached. -
terraform-aws-asg
applies IAM roles to instances in auto-scaling group. -
terraform-aws-eks
uses IAM roles for EKS cluster workers. -
ecs-cluster
creates IAM roles for ECS instances -
lambda
creates IAM roles for Lambda functions
Use these modules whenever possible. You should always use IAM roles in your own modules any time you need to provide access to the AWS API. Using static API credentials should be avoided whenever possible.