Table of Contents

Search

  1. Preface
  2. Part 1: Introduction to Amazon Redshift connectors
  3. Part 2: Data Integration with Amazon Redshift V2 Connector
  4. Part 3: Data Integration with Amazon Redshift Connector

Amazon Redshift Connectors

Amazon Redshift Connectors

Temporary security credentials using AssumeRole for EC2

Temporary security credentials using AssumeRole for EC2

You can use temporary security credentials using AssumeRole for an Amazon EC2 role to access the AWS resources from the same or different AWS accounts.
The Amazon EC2 role would be able to assume another IAM role from the same or different AWS account without requiring a permanent access key and secret key. The Amazon EC2 role can also assume another IAM role from a different region.
Consider the following prerequisites when you use temporary security credentials using AssumeRole for EC2:
  • To use temporary security credentials using AssumeRole for EC2, install the Secure Agent on an AWS service such as Amazon EC2.
  • The EC2 role attached to the AWS EC2 service must not have access to Amazon S3 but needs to have permission to assume another IAM role.
  • The IAM role that needs to be assumed by the EC2 role must have a permission policy and a trust policy attached to it.
    For more information about the policies for EC2 roles and IAM roles, see Temporary security credentials policy.
To configure an EC2 role to assume the IAM Role provided in the
IAM Role ARN
connection property, select the
Use EC2 Role to Assume Role
check box in the connection properties.