How to Create and Attach IAM Roles in AWS

Introduction

An IAM role is an IAM identity that you can create in your account that has specific permissions. An IAM role is similar to an IAM user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. Also, a role does not have standard long-term credentials such as a password or access keys associated with it. Instead, when you assume a role, it provides you with temporary security credentials for your role session.

For more details visit.

Creating IAM Roles

1. Open the AWS Management Console and navigate to the Identity and Access Management (IAM).

2. Click on Roles from the left navigation panel.

   

3. Click Create role.

4. Select AWS Service.

   

5. Select EC2 in the Use case.

   

6. Click Next.

7. Search AmazonS3FullAccess in Permissions policies, and select it.

   

8. Write a suitable role name.

9. 

   Click Next -> Create Role.

10. Open the role by clicking on its name.

11. Select Permissions, under Permissions policies you can check the policy names.

Attaching role to a service

1. Create an EC2 instance.

2. Select the instance.

3. Go to Actions -> Security -> Modify IAM role.

   

4. Select the IAM role from the from down.

   

5. Click Update IAM role.