AWS provides a detailed step-by-step procedure for creating and configuring an AWS Cloud9 environment. Each developer will need to configure her own environment.
Make sure you note the following choices to support no-ingress EC2 instances in the shared development subnets.
Beyond the above, you might want to change the instance size depending on the workload, but the defaults are the recommended settings. Please see the AWS Cloud9 User Guide for more information
Once you’ve created your Cloud9 environment, you can associate an instance profile with your Cloud9 EC2 instance so that your work in your IDE can have similar access permissions as your regular AWS session. See Create and Use an Instance Profile.
For example, you could associate the managed IAM policy AdministratorAccess with your new EC2 service role for Cloud9. Since in your team development AWS account you’re required to attach the permissions boundary whenever you create a role, your overall access will be constrained by the permissions boundary policy.
After you attach an EC2 instance profile and IAM role to your Cloud9 instance, you can verify which role is being used by issuing the following command from a terminal session in your Cloud9 environment:
$ aws sts get-caller-identity
If you find that your bash terminal prompt is too long, you can set it to just the Linux user, IP address, and current directory. Either edit your ~/.bashrc file and replace the PS1 setting or export the setting as follows:
export PS1="[\u@\h \W]\$ "
Although a version of the AWS CLI is preinstalled in your Cloud9 environment, you should consider installing version 2. See Install the AWS CLI.