What's the best method for passing AWS credentials as user data to an EC2 instance?

Question

I have a job processing architecture based on AWS that requires EC2 instances query S3 and SQS. In order for running instances to have access to the API the credentials are sen

Answer 1

Like others have already pointed out here, you don't really need to store AWS credentials for an EC2 instance, by using IAM Roles - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/. I will add that you can employ the same method also for securely storing NON-AWS credentials for you EC2 instance, like say if you have some db credentials you want to keep secure. You save the non-aws credentials on a S3 Bukcet, and use IAM role to access that bucket. you can find more detailed information on that here - https://aws.amazon.com/blogs/security/using-iam-roles-to-distribute-non-aws-credentials-to-your-ec2-instances/