Remove AWS_ACCESS_KEY, AWS_SECRET_KEY environment variable

[moreal]

• Test IAM Role in EC2 instance with docker compose. (Testing)
• Remove AWS_ACCESS_KEY, AWS_SECRET_KEY environment variables. (Coding)
• Deploy.

Test IAM Role in EC2 instance with docker compose

• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

1. Make policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "kms:Sign",
            "Resource": "arn:aws:kms:us-east-2:<ACCOUNT_ID>:key/<KEY_ID>"
        }
    ]
}

2. Make IAM Role
3. Make KMS
4. Allow IAM Role as KMS user
5. Make EC2 instance
6. Bind IAM role to EC2 instance
7. Run docker-compose up -d

version: '3'
services:
  9c-headless:
    image: ubuntu
    command: sleep 10000

8. Attach to D

docker run -it <container_ name> /bin/bash

9. Install awscli

apt update && apt upgrade && apt install -y awscli

10. Run the command

aws kms --region us-east-2 sign --key-id <KEY_ID> --message aaa --signing-algorithm ECDSA_SHA_256

It doesn't use aws configure so I think they can be removed well.

But the above thing was too simple so I'm not sure the policy's permissions 🤔 I think it should prepare local testing.