April 2019
Intermediate to advanced
508 pages
11h 57m
English
An IAM role has a document associated with it that is known as its trust policy. The trust policy is a JSON policy document (like, for example, IAM policies such as ReadOnlyAccess or AdministratorAccess) that specifies who or what can assume that role and under what conditions that is allowed or denied. A common trust policy document that allows the AWS EC2 service to assume a certain role might look like the following:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "ec2.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}
This policy allows the EC2 service access to assume the role it belongs to. A scenario where this policy might be used is when an IAM role is added to an EC2 ...
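To review "who/what can assume that role and under what conditions", the following added example (not code from the book) walks a trust policy document and lists every principal that may assume the role. The second statement, the account ID 111122223333 and the function names are constructed for illustration.

```python
import json

# Constructed sample: the EC2 trust policy from the text plus one hypothetical
# cross-account statement (account ID 111122223333 is a placeholder).
SAMPLE = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
  {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
   "Action": "sts:AssumeRole"},
  {"Effect": "Allow",
   "Principal": {"AWS": ["arn:aws:iam::111122223333:root", "*"]},
   "Action": "sts:AssumeRole"}]}
""")

def as_list(value):
    """IAM policy JSON accepts a single value or a list in most fields."""
    return value if isinstance(value, list) else [value]

def who_can_assume(policy):
    """Return one row per (statement, principal) that covers an AssumeRole action."""
    rows = []
    for stmt in as_list(policy.get("Statement", [])):
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        # Covers sts:AssumeRole, its WithSAML/WithWebIdentity variants, and wildcards.
        if not any(a.startswith("sts:assumerole") or a in ("sts:*", "*")
                   for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":            # shorthand form: "Principal": "*"
            principal = {"*": "*"}
        for kind, values in principal.items():
            for value in as_list(values):
                rows.append({
                    "effect": stmt.get("Effect"),
                    "type": kind,                       # Service, AWS, Federated, ...
                    "principal": value,
                    "wildcard": value == "*",           # anyone of this principal type
                    "conditions": stmt.get("Condition", {}),
                })
    return rows

if __name__ == "__main__":
    for row in who_can_assume(SAMPLE):
        print(row)
```

Rows with `wildcard` set to true and an empty `conditions` value are the ones to examine first when auditing a role.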