this post was submitted on 11 Aug 2023
3 points (100.0% liked)

Service Clouds: AWS, Azure, GCP, etc.

169 readers
1 users here now

A community for discussions related to all cloud service providers and the tools of the trade.

Related Communities:

General

Tools

Platforms

Infrastructure Orchestration

Programming

founded 1 year ago
MODERATORS
 

I'm following a tutorial for creating docker containers, and it is having me go through the AWS beanstalk to create the environment to host the app, but I can't get the environment all the way there. Everytime I get some error about an instance profile I think it was called, and I've tried creating users, roles, and giving the roles the permissions for the beanstalk permissions, but it's still giving me errors. Does anyone know what I should be doing different?

top 7 comments
sorted by: hot top controversial new old
[–] Tagger 2 points 1 year ago

Have you spoken to @Jack?

[–] [email protected] 2 points 1 year ago (1 children)

An instance profile is what I would call a legacy resource that really shouldn't be needed, but is still there in the background for backwards compatibility. You can't attach an IAM role directly to an EC2 instance. You need to have an instance profile in between that is named the same as the IAM role.

You can create one using every other interface (command line, CloudFormation, Terraform, SDKs, etc.), but not through the web console (browser). From the web console, you would need to recreate the IAM role and make sure you select EC2 as the purpose/service for the role. Only then will it create a matching instance profile along-side your new IAM role.

[–] [email protected] 2 points 1 year ago (1 children)

I'm pretty sure I used ec2 as the service for the role, and named it the same name as the instance error was looking for. I'll see if I can find instructions on doing it all through the command line instead and see how that goes

[–] [email protected] 2 points 1 year ago (1 children)

You can use aws iam list-instance-profiles to get a list of what is already created. I suspect there is something else wrong.

It cloud be looking for the default Beanstalk instance profile and role (aws-elasticbeanstalk-ec2-role) as it isn't auto-created anymore. It could also be a permission issue with the role's policy.

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/iam-instanceprofile.html

Elastic Beanstalk is one of the few AWS services I haven't used as it just deploys a number of other services and resources behind the scenes. It is more of a up-and-running-quick demonstration tool than something you would use IRL. It can be used, but there are better options.

[–] [email protected] 2 points 1 year ago (1 children)

Ok. Thanks for the help. That CLI command is for the AWS command line correct, not installing anything on my PC and using my terminal

[–] [email protected] 3 points 1 year ago (1 children)

Yup, that is for the AWS CLI command. You could also use that from AWS Cloud Shell.

[–] [email protected] 2 points 1 year ago

It took some time, but I was able to make the instance profile and then add the role to the instance profile, and the environment was created. After that, the app still didn't work when clicking the domain url lmao but hey, 1 problem fixed, 1 new problem emerges