An AWS IAM Role allows an entity to assume the role and obtain permissions to access AWS resources. The entity can be a federated user, a cross-account user, or an AWS resource. For example, suppose we have an Amazon EC2 instance as the entity and want it to access Amazon S3. To grant access, we attach an IAM Role (with permissions to access S3) to the EC2 instance. The EC2 instance can then assume the role and get the permissions to access S3.
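Which entities may assume a role is decided by the role's trust policy. The following is an added example, not code from the original text: it reads a trust policy document and reports who is trusted, using the three entity kinds named above. The sample policy, the function names and the labels are constructed for illustration.

```python
import json

# Constructed sample: trust policy of a role that an EC2 instance can assume.
EC2_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "ec2.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
})

# Principal keys of a trust policy mapped to the entity kinds named in the text.
ENTITY_KINDS = {
    "Service": "AWS resource (service)",
    "AWS": "AWS account or IAM principal (e.g. cross-account user)",
    "Federated": "federated user",
}

def _as_list(value):
    """IAM policy fields may hold a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def who_can_assume(trust_policy_json):
    """Return sorted (entity_kind, principal) pairs trusted by Allow statements.

    Condition blocks are ignored, so a wildcard principal that is narrowed
    by a Condition is still reported and needs a manual look.
    """
    policy = json.loads(trust_policy_json)
    trusted = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        # Covers sts:AssumeRole, sts:AssumeRoleWithSAML, sts:AssumeRoleWithWebIdentity.
        if not any(a.startswith("sts:assumerole") or a in ("sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            trusted.add(("anyone (wildcard)", "*"))
            continue
        for key, values in principal.items():
            for value in _as_list(values):
                kind = "anyone (wildcard)" if value == "*" else ENTITY_KINDS.get(key, key)
                trusted.add((kind, value))
    return sorted(trusted)

def has_wildcard_trust(trust_policy_json):
    """True if an Allow statement lets an unrestricted principal assume the role."""
    return any(value == "*" for _, value in who_can_assume(trust_policy_json))
```

For the sample policy, `who_can_assume(EC2_TRUST_POLICY)` reports only the EC2 service, which is what a role meant for an instance should show.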
Let's look at different ways to create the AWS IAM Role.
The AWS Management Console allows us to create and manage the Role.
The following steps will guide you to create a role:
- Go to the AWS IAM Management Console at https://console.aws.amazon.com/iam/home and click on Roles in the left navigation, or go directly to https://console.aws.amazon.com/iam/home#/roles
- Under Roles, you can see a list of AWS IAM Roles created under your account (if any)
- Click on the Create role button:
Figure 2.4: Create new role
Here, we need...