Refer to the following guide to learn how to use IAM in the cloud\
<https://scribehow.com/shared/Creating_an_IAM_User_and_User_Group_in_AWS_Management_Console__hWNiiXlcRJKFqYZZEJD-cg>

Sign in to **AWS Management Console** as an **IAM User**

**Pre-requisite** - Ensure you have selected the AWS region closest to your location\
For this guide, we will be using us-east-2 (Ohio) as a preferred choice

Type **IAM** in the search bar and click on **IAM** to view the IAM Dashboard

**What is IAM in AWS?**

IAM (Identity and Access Management) in AWS is a web service that enables you to manage access to AWS resources securely. It allows you to control who is authenticated (signed in) and authorized (has permissions) to use resources within your AWS account.

On the IAM Dashboard, select **Roles** from the left bar

**Roles** wizard will open, click on the **Create role** button

**Select trusted entity** wizard will open, select the option **AWS service**

Scroll to the Use case section, search and select **EC2** and select the option **EC2** for the Use case

It will allow EC2 instances to call AWS services on your behalf

Scroll the page and click on **Next** button

**Add permissions** wizard will open, search for **AmazonS3ReadOnlyAccess** in the search bar

**What is AmazonS3ReadOnlyAccess policy?**

The "AmazonS3ReadOnlyAccess" policy is an AWS managed policy that grants read-only access to resources within Amazon S3 (Simple Storage Service). When attached to an IAM user, group, or role, this policy allows users to view, list, and retrieve objects stored in S3 buckets, but does not grant permissions to create, modify, or delete objects.

Select the **AmazonS3ReadOnlyAccess** Policy name 

Click on the **Next** button on the right side

**Name, review, and create** wizard will open, give the **Role name** as "**EC2S3AccessRole**" and the **Description** as "**Allows EC2 instances to call AWS services on your behalf**"

Scroll the page and click on the **Create role** button

Type **EC2** in the search bar and click on **EC2** to view the EC2 Dashboard

**What is EC2 in AWS?**

Amazon Elastic Compute Cloud (Amazon EC2) is a web service provided by Amazon Web Services (AWS) that allows users to rent virtual servers, known as instances, on which they can run their own applications. EC2 provides resizable compute capacity in the cloud, making it easy to scale computing resources up or down based on demand.

On the EC2 dashboard, click on **Instances** on the left bar

Amazon Web Services

This guide provides step-by-step instructions on how to create an IAM role to connect to S3 from EC2.

Creating an IAM role to connect to S3 from EC2