Open in app

Sign in

Write

Sign in

IAM Role

Michael Mensah
3 min readFeb 17, 2022

--

What is IAM role — An IAM role is a service that defines a set of permission for making AWS service requests. IAM roles are not associated with a specific user or group. Instead, a trusted entity assume roles, such as IAM users, applications, or AWS services such as EC2.

In today’s project we will look at how to create an IAM role and attach the role to another service. The diagram below.

First — Head over to the IAM home page. Once you are at the home page look for “Roles” select roles and created a role. Diagram is below with a yellow highlighting it.

Second — To create a role, you will need to select a trusted entity. In our case and for the purpose of this project the trusted entity am going to use is EC2. One may ask what is a Trusted Entity. Good you asked. A Trusted Entity is a set of entities which can assume a role. In some cases some organizations can assigned IAM roles to Third party trusted entity companies to access some of their services.

Third — When EC2 is assigned as a trusted entity this means that only EC2 can access whichever service is given permission per the policy defined. Step number three is to grant permission access to which service EC2 will be accessing. Permission will be granted to Amazon S3.

Four — Add a role name, review and create after permission policy is selected.

Five — Create an EC2 Instance and attach the IAM role to your instance. When it comes to attaching an IAM role there are several ways to do it. You can attach IAM role during the launch instance process or after the launch instance process is done. In this project I will attach IAM role to the launch instance process. EC2 Server is currently running and IAM roles is successfully attached.

Six — Login into the EC2 server with the help of Putty.

Seven — Now that I am in theEC2 server. I will access the S3 service with the command — AWS S3 ls which show my bucket name. In the diagram below I created an S3 bucket and upload a picture into my bucket as seen in the diagram below. The command used to access my upload is — aws S3 ls S3://mensahcloudbucket as am able to access my S3 and also my upload.

Thank you for stopping by to read my mini project. Any tip or critique is welcome..

Happy learning…

--

--

Michael Mensah
Michael Mensah

Written by Michael Mensah

90 Followers
63 Following

Cloud Systems Engineer | DevOps Engineer

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams