Creating an IAM role to connect to S3 from EC2 | Scribe


    • Hafeez Baig
    • 22 steps
    • 3 minutes

    Refer to the following guide to learn how to use IAM in the cloud: <https://scribehow.com/shared/Creating_an_IAM_User_and_User_Group_in_AWS_Management_Console__hWNiiXlcRJKFqYZZEJD-cg>

    1

    Sign in to the **AWS Management Console** as an **IAM User**.

    **Pre-requisite** - Ensure you have selected the AWS region closest to your location. For this guide, we will be using us-east-2 (Ohio) as the preferred choice.

    2

    Type **IAM** in the search bar and click on **IAM** to view the IAM Dashboard


    **What is IAM in AWS?** IAM (Identity and Access Management) in AWS is a web service that enables you to manage access to AWS resources securely. It allows you to control who is authenticated (signed in) and authorized (has permissions) to use resources within your AWS account.

    3

    On the IAM Dashboard, select **Roles** from the left bar

    4

    The **Roles** wizard will open; click on the **Create role** button

    5

    The **Select trusted entity** wizard will open; select the **AWS service** option

    6

    Scroll to the **Use case** section, search for **EC2**, and select **EC2** as the Use case


    Choosing EC2 as the trusted entity allows EC2 instances to assume this role and call AWS services on your behalf

    7

    Scroll down the page and click on the **Next** button

    8

    The **Add permissions** wizard will open; search for **AmazonS3ReadOnlyAccess** in the search bar


    **What is AmazonS3ReadOnlyAccess policy?** The "AmazonS3ReadOnlyAccess" policy is an AWS managed policy that grants read-only access to resources within Amazon S3 (Simple Storage Service). When attached to an IAM user, group, or role, this policy allows users to view, list, and retrieve objects stored in S3 buckets, but does not grant permissions to create, modify, or delete objects.

    9

    Select **AmazonS3ReadOnlyAccess** under **Policy name**

    10

    Click on the **Next** button on the right side

    11

    The **Name, review, and create** wizard will open; enter "**EC2S3AccessRole**" as the **Role name** and "**Allows EC2 instances to call AWS services on your behalf**" as the **Description**

    12

    Scroll down the page and click on the **Create role** button

    13

    The role **EC2S3AccessRole** has been created
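    Steps 4 to 13 above, redone with the AWS CLI as an added example (this script is not part of the Scribe guide). It assumes AWS CLI v2 configured for the same account and region with an identity permitted to manage IAM roles; the role name, description and managed policy are the ones the guide uses.

```shell
# Added example, not part of the Scribe guide: the AWS CLI equivalent of steps 4-13.
# Assumes AWS CLI v2 configured (e.g. for us-east-2) with an identity allowed to manage IAM.
set -eu

ROLE_NAME="EC2S3AccessRole"
POLICY_ARN="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"

# Trust policy produced by steps 5-6 ("AWS service" -> "EC2"): only the EC2 service
# principal may assume the role; no account, user or external principal is trusted.
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "ec2.amazonaws.com" },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
}

# Steps 8-12: create the role, attach the read-only managed policy (least privilege: no
# write or delete on S3) and wrap it in an instance profile, which is what an EC2 instance
# actually attaches to. The console creates the instance profile silently; the CLI does not.
create_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
    --description "Allows EC2 instances to call AWS services on your behalf" \
    --assume-role-policy-document "$(trust_policy)"
  aws iam attach-role-policy --role-name "$ROLE_NAME" --policy-arn "$POLICY_ARN"
  aws iam create-instance-profile --instance-profile-name "$ROLE_NAME"
  aws iam add-role-to-instance-profile --instance-profile-name "$ROLE_NAME" \
    --role-name "$ROLE_NAME"
}

# Check what step 13 shows: who may assume the role and which policies are attached.
verify_role() {
  aws iam get-role --role-name "$ROLE_NAME" \
    --query 'Role.AssumeRolePolicyDocument.Statement[].Principal.Service' --output text
  aws iam list-attached-role-policies --role-name "$ROLE_NAME" \
    --query 'AttachedPolicies[].PolicyArn' --output text
}

case "${1:-}" in
  apply)  create_role ;;
  verify) verify_role ;;
  *)      trust_policy ;;   # no argument: just print the trust policy for review
esac
```

    Run with `apply` to create the role and `verify` to inspect it; the instance profile is what lets the role be attached to an instance in the EC2 steps that follow.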

    14

    Type **EC2** in the search bar and click on **EC2** to view the EC2 Dashboard


    **What is EC2 in AWS?** Amazon Elastic Compute Cloud (Amazon EC2) is a web service provided by Amazon Web Services (AWS) that allows users to rent virtual servers, known as instances, on which they can run their own applications. EC2 provides resizable compute capacity in the cloud, making it easy to scale computing resources up or down based on demand.

    15

    On the EC2 dashboard, click on **Instances** on the left bar