Amazon EC2 get tag from CLI - no credentials

358 views Asked by At

The metadata URL from Amazon gives a lot of data but lags tag information. I tried to combine a bunch of different commands and eventually got to the describe-tags CLI command. The problem is that while I can get the Instance ID and the Region easily enough, I cannot get values for tags without dropping credentials onto the box.

I get the following error:

Unable to locate credentials. You can configure credentials by running "aws configure".

The basic command I wind up executing is:

aws ec2 describe-tags --region us-east-1 --filters "Name=resource-id,Values=SOME_ID"

The process I follow is this:

  1. Create an instance with a predefined application on it
  2. Image the instance
  3. Spin up various instances using the image via the Amazon AWS API programmatically
  4. Tag the instances that get spun up with pieces of critical data
  5. Attempt to read the tags from the application

Any way to get around the credentials issue? I figure that the local machine would have access to its own tag metadata without signing in but that doesn't appear to be the case.

If there's no way to get around it, are there any suggestions to pass in the data to the VM without sitting around and waiting for it to start up?

I really don't want to write a process that sits around waiting for the EC2 to finish spinning up, SSH in and then pass in the critical data myself. The data changes on-the-fly and can change between instances that I fire up in order to handle various events.

1

There are 1 answers

1
stdunbar On BEST ANSWER

I would create your EC2 instances with IAM roles for EC2. You don't need to do anything fancy and the credentials are then available on the box. It's easy to restrict the role down to do only what you need.