feat(contrib/ec2): add optional support for IAM instance profiles

Author: sopel

contrib/ec2/deis.template.json

@@ -17,6 +17,11 @@
       "Description": "Number of nodes in cluster (3-12).",
       "Type": "Number"
     },
+    "IamInstanceProfile" : {
+      "Description" : "(Optional) Set IAM instance profile for Deis hosts (default: none)",
+      "Type" : "String",
+      "Default": ""
+    },
     "SSHFrom" : {
       "Description" : "Lockdown SSH access to the Deis hosts (default: can be accessed from anywhere)",
       "Type" : "String",
@@ -106,6 +111,17 @@
     }
   },
 
+  "Conditions" : {
+    "UseIamInstanceProfile" : {
+      "Fn::Not" : [{
+        "Fn::Equals" : [
+          { "Ref" : "IamInstanceProfile" },
+           ""
+        ]
+      }]
+    }
+  },
+
   "Resources" : {
     "VPC" : {
       "Type" : "AWS::EC2::VPC",
@@ -221,6 +237,13 @@
       "Properties": {
         "ImageId" : { "Fn::FindInMap" : [ "CoreOSAMIs", { "Ref" : "AWS::Region" }, { "Ref" : "EC2VirtualizationType" }]},
         "InstanceType": {"Ref": "InstanceType"},
+        "IamInstanceProfile" : {
+          "Fn::If" : [
+            "UseIamInstanceProfile",
+            { "Ref" : "IamInstanceProfile" },
+            { "Ref" : "AWS::NoValue" }
+          ]
+        },
         "KeyName": {"Ref": "KeyPair"},
         "UserData" : { "Fn::Base64": { "Fn::Join": [ "", [ ] ] } },
         "AssociatePublicIpAddress": {"Ref": "AssociatePublicIP"},