O'Reilly logo

Mobile DevOps by Jhalak Modi, Rohin Tak

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

IAM roles

AWS IAM role gives an extra layer of security by managing and rotating the keys themselves. Keys are encrypted credentials known as access key and secret key.

Access key example is as follows:

aws iam create-role --role-name myTestKey --assume-role-policy-document file://myTestKeyPolicy.json --description "Role for testing access from EC2 to S3 and Route 53"

A policy is JSON document consist of permission delegated from one AWS service to another AWS service. The default permission of an IAM role is all deny (by default blocks all the requests to any service until specified explicitly). Sample policy is for creating and managing an EC2 instance, S3 bucket, and Route 53.

Sample policy (save the following text as myTestKeyPolicy.json ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required