You can obtain a temporary authorization token for an instance RAM role. With this periodically updated token, you can use the permissions and resources granted to the RAM role.

Procedure

  1. Connect to the ECS instance remotely. For more information, see Overview.
  2. Obtain a temporary authorization token for an instance RAM role. The name of the instance RAM role is EcsRamRoleDocumentTesting.
    • For Linux instances, run the curl http://100.100.100.200/latest/meta-data/Ram/security-credentials/EcsRamRoleDocumentTesting command.
    • For Windows instances, run the Invoke-RestMethod http: // 100.100.100.200/latest/meta-data/Ram/security-credentials/EcsRamRoleDocumentTesting PowerShell command.
    An example of the temporary authorization token obtained:
    {
       "AccessKeyId" : "XXXXXXXXX",
       "AccessKeySecret" : "XXXXXXXXX",
       "Expiration" : "2017-11-01T05:20:01Z",
       "SecurityToken" : "XXXXXXXXX",
       "LastUpdated" : "2017-10-31T23:20:01Z",
       "Code" : "Success"
    }