- A role is a permission given to an AWS service
- Popular Use cases
- Role assigned to an EC2 instance to perform batch-type operations.
- Role assigned to AWS Lambda to perform automation.
- Systems Manager.
- Sample Use case:
- Create an EC2 machine with the role roledemo1 assigned, which allows creating S3 buckets.
- Log in to the machine and execute the following commands:
aws s3 ls # success
aws s3 mb s3://qts3roledemo.com # success
aws s3 ls # success
aws ec2 describe-instances --region us-west-2 # failure
- Now attach the EC2 read-only policy to the same role roledemo1 and execute:
aws ec2 describe-instances --region us-west-2 # success
- Now change the role attached to the EC2 machine to a new role roledemo2 with an attached policy for AWS RDS full access:
aws ec2 describe-instances --region us-west-2 # failure
aws rds describe-db-instances --region us-west-2 # success
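The success/failure pattern in the walkthrough above follows from IAM's evaluation order: an explicit Deny wins, then any matching Allow, otherwise the request is implicitly denied. The following is an added example, not part of the original notes, that replays the three stages offline; the policy documents are simplified stand-ins assumed for the policies attached to roledemo1 and roledemo2, and resource matching is ignored (every statement uses `"Resource": "*"`).

```python
from fnmatch import fnmatchcase

# Simplified stand-ins (assumptions) for the policies attached in the walkthrough.
S3_CREATE = {"Statement": [{"Effect": "Allow", "Resource": "*",
                            "Action": ["s3:ListAllMyBuckets", "s3:CreateBucket"]}]}
EC2_READONLY = {"Statement": [{"Effect": "Allow", "Resource": "*", "Action": "ec2:Describe*"}]}
RDS_FULL = {"Statement": [{"Effect": "Allow", "Resource": "*", "Action": "rds:*"}]}

# IAM action that each CLI command from the walkthrough requests.
COMMANDS = {
    "aws s3 ls": "s3:ListAllMyBuckets",
    "aws s3 mb": "s3:CreateBucket",
    "aws ec2 describe-instances": "ec2:DescribeInstances",
    "aws rds describe-db-instances": "rds:DescribeDBInstances",
}

# Policies in effect on the instance at each stage (stage labels are illustrative).
STAGES = {
    "roledemo1": [S3_CREATE],
    "roledemo1 + EC2 read-only": [S3_CREATE, EC2_READONLY],
    "roledemo2": [RDS_FULL],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_allowed(policies, action):
    """Explicit Deny wins, then any Allow; no match means implicit deny."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            # Action names are case-insensitive; '*' and '?' act as wildcards.
            patterns = _as_list(stmt["Action"])
            if not any(fnmatchcase(action.lower(), p.lower()) for p in patterns):
                continue
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

def run_stage(name):
    """Return the expected outcome of every walkthrough command for one stage."""
    policies = STAGES[name]
    return {cmd: "success" if is_allowed(policies, act) else "failure"
            for cmd, act in COMMANDS.items()}

if __name__ == "__main__":
    for stage in STAGES:
        print(stage, run_stage(stage))
```

Swapping the role removes the old role's permissions entirely, which is why the S3 commands would also fail under roledemo2 in this model.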
Configure the AWS CLI
Create an IAM user with Programmatic Access.
When we create Programmatic Access we get
- AWS Access Key
- AWS Secret Key
Now you can install the AWS CLI and configure it with the access key and secret key.
Secret keys can be replaced at any time (replacing them regularly is a better practice).
Let's create two IAM users with Programmatic Access only.
Installing AWS CLI 2 on Windows Refer Here
Installing AWS CLI 2 on Linux Refer Here
Configuring AWS CLI Refer Here
Multiple users can be configured in the CLI using named profiles Refer Here