AWS IAM: Roles – Create Role for Full EC2 and S3 Access


An IAM role is also an AWS identity with permissions assigned to it. The unique benefit of an IAM role is that it can be assigned to any person or to an AWS service. For example, if we want to give an EC2 instance access to Amazon S3, we can provide that access by assigning a role to the AWS service.

Another important point is that access keys or credentials are not associated with roles. In fact, the access key is created dynamically when the role is used.

Click on Roles in the left sidebar of the AWS IAM Dashboard. In our case, there is one pre-existing role which we created for accessing S3.

Click on the s3-ec2-vpc role which we already created. Verify the Permissions tab, where we have assigned the AmazonS3FullAccess policy to this role.

Click on Show Policy to see the policy written in the JSON policy language.

Now, let’s try to create a role. Click on the Create Role button and provide a suitable role name.

Attach policies to the role. In our case, let’s say we want to provide full EC2 and S3 access to all users, groups, or services associated with this role.

Review the settings and click on Create Role.

Verify that the newly created role is now available on the IAM Dashboard.

Verify the Permissions section for the policies attached to this role.
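The verification steps above can also be run over the policy JSON itself. The following Python is an added example, not part of the original page: it reads a role's trust policy and attached policy documents and reports who may assume the role and which services it grants in full. The sample documents are constructed and simplified, and the function names are hypothetical.

```python
import json

# Constructed sample documents, simplified stand-ins for what "Show Policy" displays.
TRUST_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
     "Action": "sts:AssumeRole"}]})
ATTACHED = {
    "AmazonS3FullAccess": json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}),
    "AmazonEC2FullAccess": json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["ec2:*"], "Resource": "*"}]}),
}

def _as_list(value):
    """IAM accepts a single string/object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def trusted_principals(trust_doc):
    """Return sorted (kind, principal) pairs allowed to assume the role."""
    found = set()
    for stmt in _as_list(json.loads(trust_doc).get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # anyone may assume the role
            found.add(("Any", "*"))
            continue
        for kind, values in principal.items():
            found.update((kind, v) for v in _as_list(values))
    return sorted(found)

def full_access_services(policy_doc):
    """Return services granted every action on every resource (Conditions ignored)."""
    services = set()
    for stmt in _as_list(json.loads(policy_doc).get("Statement")):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource")):
            continue
        for action in _as_list(stmt.get("Action")):
            if action == "*" or action.endswith(":*"):
                services.add(action.split(":", 1)[0])
    return sorted(services)

def audit_role(trust_doc, attached):
    return {"trusted": trusted_principals(trust_doc),
            "full_access": {n: full_access_services(d) for n, d in attached.items()}}

if __name__ == "__main__":
    print(json.dumps(audit_role(TRUST_POLICY, ATTACHED), indent=2))
```

A policy scoped to specific actions or a specific bucket ARN produces an empty list, which makes full-access grants on a role easy to spot in review.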
