assume IAM roles using user name and password

view full story

http://serverfault.com – It seems really insecure to store permanent IAM access credentials (key, secret) on the instance or any other place. The way I understood roles - it would make sense if I could manage permissions to perform certain tasks using roles: setup the role, user group with permission to assume that role, add users to that group from command line type something like "ec2_assume_role rolename time_till_expiration" then at the prompt enter my username and pwd get those temporary keys (could script to set them directly into the env) From what I found in IAM documentation - assuming role requires a se (HowTos)