mirror of
https://github.com/cloudpanel-io/cloudpanel-ce.git
synced 2026-04-05 20:31:58 +02:00
AWS - Add support for IAM Instance roles #570
Originally created by @yannickvr on 8/27/2020
Currently CloudPanel requires an AWS user to be created and access keys are used to allow CloudPanel access to the AWS account. This option should only be considered when the CloudPanel instance is running outside AWS. I'd like to see:
Use IAM Instance role (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html). This way the instance will generate access keys on demand and stolen access keys cannot be used from any other place than the instance itself.
Additionally, using Access Keys or IAM instance role with the option to assume a role in another account should be available as well. This way the CloudPanel instance can be hosted in a separate AWS account outside the regular attack vectors.
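
The instance-role half of this request, as an added example that is not CloudPanel's code or part of the original issue: a Python client that obtains the role's temporary keys from the EC2 instance metadata service (IMDSv2) and refetches them shortly before they expire, so no long-lived access key is stored on the instance. The names `InstanceRoleCredentials` and `imds_request`, the injectable `transport` parameter and the five-minute refresh margin are assumptions made for illustration.

```python
import json
import urllib.request
from datetime import datetime, timedelta, timezone

IMDS = "http://169.254.169.254"  # link-local EC2 instance metadata service

def imds_request(method, url, headers):
    """Default transport (hypothetical helper): plain HTTP, short timeout."""
    req = urllib.request.Request(url, method=method, headers=headers)
    with urllib.request.urlopen(req, timeout=2) as resp:
        return resp.read().decode()

class InstanceRoleCredentials:
    """Fetches and caches the instance role's temporary keys via IMDSv2."""

    def __init__(self, transport=imds_request, refresh_margin=timedelta(minutes=5)):
        self.transport = transport            # injectable so it can be tested offline
        self.refresh_margin = refresh_margin  # assumed safety margin before expiry
        self._creds = None

    def _fetch(self):
        # IMDSv2: obtain a session token with PUT, then send it on every GET.
        token = self.transport("PUT", IMDS + "/latest/api/token",
                               {"X-aws-ec2-metadata-token-ttl-seconds": "21600"})
        hdr = {"X-aws-ec2-metadata-token": token}
        base = IMDS + "/latest/meta-data/iam/security-credentials/"
        roles = self.transport("GET", base, hdr).split()
        if not roles:
            raise RuntimeError("no IAM role is attached to this instance")
        doc = json.loads(self.transport("GET", base + roles[0], hdr))
        if doc.get("Code") != "Success":
            raise RuntimeError("IMDS returned no usable credentials")
        expires = datetime.strptime(doc["Expiration"], "%Y-%m-%dT%H:%M:%SZ")
        return {"access_key": doc["AccessKeyId"],
                "secret_key": doc["SecretAccessKey"],
                "session_token": doc["Token"],
                "expires": expires.replace(tzinfo=timezone.utc)}

    def get(self, now=None):
        """Return cached keys, refetching when missing or close to expiry."""
        now = now or datetime.now(timezone.utc)
        if self._creds is None or self._creds["expires"] - now <= self.refresh_margin:
            self._creds = self._fetch()
        return self._creds
```
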