Spring Boot on AWS EC2: Upload to S3 Securely Using IAM Role
When running a Spring Boot application on AWS EC2 , the most common security mistake is hardcoding AWS access keys inside application.properties . This is unnecessary and risky. AWS already provides a secure mechanism: IAM Roles attached to EC2 . In this blog, you will learn how to upload and download files to Amazon S3 from Spring Boot running on EC2 without any access keys , using: Spring Profiles AWS SDK v2 Instance Metadata Service (IMDS) IAM Roles Why Access Keys Are a Bad Idea on EC2 Typical S3 setups use: Access key Secret key Region Bucket This works only for local development. It should NOT be used on EC2. Problems with access keys: Stored in config or code (high risk) Might leak through Git, logs, or screenshots Require manual rotation Not needed if app runs on EC2 AWS automatically manages temporary credentials using the EC2 Instance Profile (IAM Role) . Architecture: EC2 → IAM Role → S3 Spring Boot app r...