IAM Role

aws/iam aws/security

💡 Definition

An IAM Role is an IAM identity that you can create in your account that has specific permissions. It is similar to an IAM user, but instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.

🔑 Key Concepts

⚙️ How it Works

  1. Create Role: Define permissions (Policy) and trust relationship (Who can use it).
  2. Assume Role: An entity (e.g., an EC2 instance) requests to assume the role.
  3. Get Token: AWS returns temporary credentials.
  4. Action: The entity uses these credentials to perform actions (e.g., write to an S3 bucket).
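
The trust relationship from step 1 decides who may request the credentials in steps 2 and 3. The following is an added example, not part of the original note: it reads a trust policy document and lists the principals allowed to assume the role, flagging unconditioned wildcards. Both policy documents are constructed samples, and the function names are hypothetical.

```python
import json

# Constructed trust policy for step 1: only the EC2 service may assume the role.
EC2_TRUST = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Principal": {"Service": "ec2.amazonaws.com"},
     "Action": "sts:AssumeRole"}
  ]
}
""")

# Constructed misconfiguration: any AWS principal may assume the role.
OPEN_TRUST = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Principal": {"AWS": "*"},
     "Action": "sts:AssumeRole"}
  ]
}
""")

def _as_list(value):
    # Policy fields may be a single value or a list of values.
    return value if isinstance(value, list) else [value]

def trusted_principals(trust_policy):
    """Return sorted (type, value, has_condition) for each Allow on an assume-role action."""
    found = set()
    for stmt in _as_list(trust_policy.get("Statement", [])):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        grants = any(a in ("*", "sts:*") or a.startswith("sts:assumerole") for a in actions)
        if stmt.get("Effect") != "Allow" or not grants:
            continue  # NotAction / NotPrincipal statements are not handled here
        principal = stmt.get("Principal", {})
        if principal == "*":  # a bare "*" principal means anyone
            principal = {"*": "*"}
        for ptype, values in principal.items():
            for value in _as_list(values):
                found.add((ptype, value, bool(stmt.get("Condition"))))
    return sorted(found)

def wildcard_findings(trust_policy):
    """Wildcard principals with no Condition: the role is assumable by anyone."""
    return [p for p in trusted_principals(trust_policy) if p[1] == "*" and not p[2]]
```
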

🎯 Use Cases

💰 Pricing Model

📝 Exam Tips (CLF-C02)


See Also:

  * IAM User
  * EC2
  * Lambda