Before deployment, it's important to understand the two primary security patterns for granting the server permissions. The pattern you choose depends on where your server is hosted.
- Pattern A: IAM Roles for EC2 (Recommended). This is the standard, most secure method for workloads running within AWS. An IAM Role is attached to the EC2 instance, which then automatically receives short-lived, temporary credentials from the EC2 metadata service. This completely avoids the need to store static access keys on the server.
- Pattern B: IAM Users for External Servers. For servers running outside of AWS (e.g., on-premises, other clouds), an IAM Role cannot be used. This pattern involves creating a dedicated IAM User with a narrowly scoped policy and long-lived static access keys (`AccessKeyId` and `SecretAccessKey`). This requires careful manual credential management.
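To check which pattern a host is actually using, the added example below (not part of the regularbm project) classifies credentials as long-lived or temporary and reports how long an instance-role credential has left. It relies on AWS's documented key ID prefixes (`AKIA` for IAM user keys, `ASIA` for temporary keys); the function names are hypothetical and the sample credentials file and metadata document are constructed.

```python
import configparser
import json
from datetime import datetime, timezone

# Constructed sample: a shared credentials file with one long-lived and one temporary profile.
SAMPLE_CREDS_FILE = """
[default]
aws_access_key_id = AKIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructed-secret-value

[session]
aws_access_key_id = ASIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructed-secret-value
aws_session_token = constructed-session-token
"""

# Constructed sample: credential document in the shape the EC2 metadata service returns.
SAMPLE_IMDS_DOC = json.dumps({
    "Code": "Success", "Type": "AWS-HMAC",
    "AccessKeyId": "ASIAEXAMPLEEXAMPLE00",
    "SecretAccessKey": "constructed-secret-value",
    "Token": "constructed-session-token",
    "Expiration": "2024-01-01T18:00:00Z",
})
SAMPLE_NOW = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)

def classify_key(access_key_id, session_token=None):
    """Return 'temporary' (Pattern A style) or 'long-lived' (Pattern B style)."""
    if access_key_id.startswith("ASIA") and session_token:
        return "temporary"
    if access_key_id.startswith("AKIA"):
        return "long-lived"
    return "unknown"

def audit_credentials_file(text):
    """Map each profile in a shared credentials file to its key type."""
    cp = configparser.ConfigParser(interpolation=None)  # secrets may contain '%'
    cp.read_string(text)
    return {name: classify_key(sec.get("aws_access_key_id", ""),
                               sec.get("aws_session_token"))
            for name, sec in cp.items() if name != cp.default_section}

def seconds_until_expiry(imds_doc, now):
    """Remaining lifetime of an instance-role credential document."""
    doc = json.loads(imds_doc)
    expiry = datetime.strptime(doc["Expiration"], "%Y-%m-%dT%H:%M:%SZ")
    return int((expiry.replace(tzinfo=timezone.utc) - now).total_seconds())
```

A `long-lived` result on an EC2 instance indicates static keys stored on the server, which Pattern A is meant to avoid.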