OpsWorks for Puppet Enterprise IAM role for nodes

“To allow your Puppet nodes to connect to your server, you have to create an AWS Identity and Access Management (IAM) role to use as your EC2 instance profile.”
That’s what the Puppet Enterprise Starter Kit manual says.

Step 1 of the guide says: “Here’s the policy. Create an IAM role to use it. For information about how to create an IAM role, see our docs.”

I think we can do better than that. And automate it.

