A role is a set of permissions that grants access to AWS resources. Roles are not associated with any user or group but instead are assumed by a trusted entity which can be an IAM user, application ,or AWS service such as EC2. The difference between an IAM user and a role is that a role cannot access the AWS resources directly, implying that they do not have any credentials. This property is very useful when the trusted AWS service, such as EC2, assumes a role. There is no need to provide credentials to an EC2 instance. This solves a very important issue—credential distribution and rotation, plus not having the credentials stored as clear text or in an encrypted form.
Since we have already created an IAM role in