从AWS CLI v1.11.46 ，它已于昨天发布（请参见 CHANGELOG文件 GitHub），您现在可以使用 associate-iam-instance-profile 命令将IAM角色附加到最初没有IAM角色启动的现有EC2实例。

您还可以使用 replace-iam-instance-profile-association 替换当前附加的IAM角色来运行实例。 / p>

有关更多详细信息，请参见 AWS上的以下文章安全博客：

使用以下方式将AWS IAM角色附加到现有Amazon EC2实例AWS CLI 。

更新

截至2月22日，即2017年，您可以从 EC2控制台。请参阅此博客文章以获取更多详细信息。

I would like to add an IAM Role to an existing EC2 instance in AWS. I tried using AWS CLI. However, I could not find a way to do that.

As of AWS CLI v1.11.46, which was released just yesterday (see the CHANGELOG file on GitHub), you can now attach an IAM role to an existing EC2 instance that was originally launched without an IAM role using the associate-iam-instance-profile command.

You can also replace the currently attached IAM role for a running instance using replace-iam-instance-profile-association.

For more details, see the following article on AWS Security Blog:

Attach an AWS IAM Role to an Existing Amazon EC2 Instance by Using the AWS CLI.

UPDATE

As of Feb 22, 2017, you can attach/replace an IAM role to an existing EC2 instance from the EC2 console as well. See this blog post for more details.