
Learning AWS - Second Edition by Amit Shah, Aurobindo Sarkar


Understanding IAM roles

A role is a set of permissions that grants access to AWS resources. Roles are not associated with any user or group; instead, they are assumed by a trusted entity, which can be an IAM user, an application, or an AWS service such as EC2. The difference between an IAM user and a role is that a role cannot access AWS resources directly, which implies that it has no credentials of its own. This property is very useful when a trusted AWS service, such as EC2, assumes a role: there is no need to provide credentials to the EC2 instance. This solves a very important issue, credential distribution and rotation, and avoids having the credentials stored as clear text or in an encrypted form.
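The "trusted entity" of a role is recorded in the role's trust policy. The following added example (not code from the book) audits a constructed trust policy and lists who may assume the role; it goes beyond the text by also flagging a wildcard principal. The function names, account ID and user name are assumptions made for illustration.

```python
import json

# Constructed sample trust policy: the document that names who may assume a role.
# The account ID and user name are placeholders, not values from the book.
TRUST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
  {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
   "Action": "sts:AssumeRole"},
  {"Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:user/example-user"},
   "Action": "sts:AssumeRole"},
  {"Effect": "Allow", "Principal": "*", "Action": "sts:AssumeRole"}
 ]}
""")

def as_list(value):
    """IAM accepts a single value or a list in most fields; normalise to a list."""
    return value if isinstance(value, list) else [value]

def classify(key, value):
    """Map one principal entry to the kind of trusted entity it names."""
    if value == "*":
        return "anyone"
    if key == "Service":
        return "service"
    if key == "AWS":
        return "user" if ":user/" in value else "role" if ":role/" in value else "account"
    return key.lower()  # e.g. "federated"

def trusted_entities(policy):
    """Return (kind, principal) for each principal allowed to call sts:AssumeRole."""
    found = []
    for stmt in as_list(policy.get("Statement", [])):
        actions = as_list(stmt.get("Action", []))
        if stmt.get("Effect") != "Allow" or not any(
                a in ("sts:AssumeRole", "sts:*", "*") for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":              # a bare "*" trusts every principal
            principal = {"AWS": "*"}
        if isinstance(principal, dict):
            for key, values in principal.items():
                found += [(classify(key, v), v) for v in as_list(values)]
    return found

def overly_broad(policy):
    """True when the role can be assumed by a wildcard principal."""
    return any(kind == "anyone" for kind, _ in trusted_entities(policy))
```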

Since we have already created an IAM role in
