IAM Roles for EC2 - Overview
IAM Roles for EC2 allow you to access Amazon S3 storage from EC2 without transferring your Access Key ID and Secret Access Key to the instance.
You define the Role in your IAM AWS Console and launch the EC2 instance with this role. Applications running on such instance are now able to obtain temporary Access Keys from instance metadata. These access keys are rotated during the day providing you an additional layer of security.
To connect to Amazon S3 from EC2 via IAM Role:
1. Start S3 Browser and click Accounts -> Add New Account.Click Accounts -> Add New Account
Add New Account dialog will open:Add New Amazon S3 from EC2 via IAM Role Account dialog
2. Enter Account Name - any name of your choice to label the account.
3. Choose Amazon S3 on EC2 via IAM Role as Account Type.
4. Click Add new account.
You can now choose the newly added account from the accounts menu:Click Accounts -> Account Name to switch between accounts.
You may also configure additional settings when adding new or editing existing account.
In order to open advanced account settings, please click the advanced settings link located at the bottom left corner of the dialog.
The Advanced Account Settings dialog will open:Advanced account settings
You may configure the following settings here:
List all my buckets when account assigned - if checked, S3 Browser performs s3:ListAllMyBuckets call when account is assigned. You may uncheck this for accounts that are not allowed to list all buckets to avoid failed tasks and warnings in the log.
Check CloudFront distributions when account assigned - if checked, S3 Browser performs cloudfront:ListDistributions call when account is assigned to set special icon for buckets that are used as origin for CloudFront distributions. You may uncheck this for accounts that are not allowed to list CloudFront distributions to avoid failed tasks and warnings in the log.
External Buckets - you may edit external buckets associated with the account. Each bucket must be specified on a new line. Optional path is also supported, slash is used as delimiter, for example my-bucket/and/optional/path
"S3 Browser is an invaluable tool to me as a web developer to easily manage my automated site backups" -Bob Kraft, Web Developer
"Just want to show my appreciation for a wonderful product. I use S3 Browser a lot, it is a great tool." -Gideon Kuijten, Pro User
"Thank You Thank You Thank You for this tool. A must have for anyone using S3!" -Brian Cummiskey, USA