Creating an IAM role to connect to S3 from EC2

  • Hafeez Baig
  • 22 steps
  • 3 minutes
  • Amazon Web Services
Refer to the following guide to learn how to use IAM in the cloud: <https://scribehow.com/shared/Creating_an_IAM_User_and_User_Group_in_AWS_Management_Console__hWNiiXlcRJKFqYZZEJD-cg>
1
Sign in to the **AWS Management Console** as an **IAM User**. **Pre-requisite** - Ensure you have selected the AWS region closest to your location. For this guide, we will be using us-east-2 (Ohio) as the preferred choice.
2
Type **IAM** in the search bar and click on **IAM** to view the IAM Dashboard
**What is IAM in AWS?** IAM (Identity and Access Management) in AWS is a web service that enables you to manage access to AWS resources securely. It allows you to control who is authenticated (signed in) and authorized (has permissions) to use resources within your AWS account.
3
On the IAM Dashboard, select **Roles** from the left bar
4
The **Roles** wizard will open; click on the **Create role** button
5
The **Select trusted entity** wizard will open; select the option **AWS service**
6
Scroll to the **Use case** section, search for **EC2** in the service list and select it, then select the option **EC2** as the use case
This allows EC2 instances to call AWS services on your behalf
7
Scroll down the page and click on the **Next** button
8
The **Add permissions** wizard will open; search for **AmazonS3ReadOnlyAccess** in the search bar
**What is AmazonS3ReadOnlyAccess policy?** The "AmazonS3ReadOnlyAccess" policy is an AWS managed policy that grants read-only access to resources within Amazon S3 (Simple Storage Service). When attached to an IAM user, group, or role, this policy allows users to view, list, and retrieve objects stored in S3 buckets, but does not grant permissions to create, modify, or delete objects.
9
Select the **AmazonS3ReadOnlyAccess** Policy name
10
Click on the **Next** button on the right side
11
The **Name, review, and create** wizard will open; enter the **Role name** as "**EC2S3AccessRole**" and the **Description** as "**Allows EC2 instances to call AWS services on your behalf**"
12
Scroll down the page and click on the **Create role** button
13
The role **EC2S3AccessRole** is created
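The role built in steps 3 to 13 comes down to two JSON documents: a trust policy that names EC2 and a permissions policy. The following is an added example, not part of the original guide: it shows the trust policy for the EC2 trusted entity, a check that flags any principal other than EC2, and a single-bucket read-only policy as a narrower alternative to AmazonS3ReadOnlyAccess. The function names and the bucket name are assumptions.

```python
import json

# Trust policy for a role assumed by EC2 instances: the standard document
# for the "AWS service" -> "EC2" trusted entity choice in steps 5 and 6.
EC2_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "ec2.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
}

def as_list(value):
    """IAM JSON allows a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, expected_service="ec2.amazonaws.com"):
    """Return findings for Allow statements that trust anything but EC2."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        if principal == "*":
            findings.append(f"statement {i}: any principal may assume the role")
            continue
        for kind, values in (principal or {}).items():
            for value in as_list(values):
                if kind != "Service" or value != expected_service:
                    findings.append(f"statement {i}: unexpected {kind} principal {value}")
    return findings

def bucket_read_only_policy(bucket):
    """Read-only permissions limited to one bucket; AmazonS3ReadOnlyAccess
    applies to every bucket in the account."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}"},
            {"Effect": "Allow", "Action": "s3:GetObject",
             "Resource": f"arn:aws:s3:::{bucket}/*"},
        ],
    }

if __name__ == "__main__":
    print(audit_trust_policy(EC2_TRUST_POLICY))  # no findings expected
    # "example-bucket" is a constructed placeholder name.
    print(json.dumps(bucket_read_only_policy("example-bucket"), indent=2))
```

To audit an existing role, pass the trust policy JSON shown on the role's **Trust relationships** tab to `audit_trust_policy`.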
14
Type **EC2** in the search bar and click on **EC2** to view the EC2 Dashboard
**What is EC2 in AWS?** Amazon Elastic Compute Cloud (Amazon EC2) is a web service provided by Amazon Web Services (AWS) that allows users to rent virtual servers, known as instances, on which they can run their own applications. EC2 provides resizable compute capacity in the cloud, making it easy to scale computing resources up or down based on demand.
15
On the EC2 dashboard, click on **Instances** on the left bar