Using the AWS Console, manually check that role-permissions are being used for instances

Details

Center for Internet Security (CIS) Recommendation 1.21 is to Ensure IAM instance roles are used for AWS resource access from instances. https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=61

This is a check that must be performed manually as there are either no appropriate API calls or it may require an account-specific judgement call.