Creating Roles in AWS: A Step-by-Step Guide

In this lesson, we explored roles in AWS Identity and Access Management (IAM) and how they are used to grant permissions to AWS entities. Below is a summary of the key points covered and a step-by-step guide on creating a role, specifically for an Amazon EC2 instance.

What Are AWS Roles?

• Roles are a way to assign permissions to AWS entities (like EC2 instances or Lambda functions) so they can perform actions on AWS resources.
• There are currently five types of roles you can create in AWS, but this lesson focuses on roles for AWS services.

Step-by-Step: Creating a Role for an EC2 Instance

1. Navigate to the Roles Section

• Go to the IAM Dashboard.

• Click on Roles from the left-hand menu.

  Here, you can view any existing roles created for your account.

2. Create a New Role

1. Click on the Create Role button.
2. Select the type of role you want to create.
   • For this example, choose AWS service as the trusted entity.
3. Specify the AWS service that will assume the role.
   • Select EC2 from the commonly used services.

3. Attach a Policy

• After selecting EC2, attach a policy that defines the permissions for the role.
  • Example: Attach the IAM Read-Only Access policy, which allows the EC2 instance to read IAM resources.
• Click Next to proceed.