IAM Role
- An IAM role represents the permissions given to an AWS service to access other AWS services
- Refer to the classroom video for screenshots
Scenario: Give EC2 permission to create IAM users
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "iam:GenerateCredentialReport",
                "iam:GenerateServiceLastAccessedDetails",
                "iam:Get*",
                "iam:List*",
                "iam:SimulateCustomPolicy",
                "iam:SimulatePrincipalPolicy",
                "iam:CreateUser"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}
Scenario: Give Lambda permission to do anything in IAM
- Policy: IAMFullAccess
- Create a role for Lambda with access to IAM (IAMFullAccess)
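Added example (not part of the class notes): a role for a service consists of a trust policy naming the service that may assume it plus a permissions policy, so this sketch builds the trust policy for EC2 or Lambda and lists which actions in the EC2 scenario's policy are more than read-only while applying to every resource. The function names and the read-only prefix heuristic are assumptions made for this example.

```python
import json

# Permissions policy from the EC2 scenario above.
EC2_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Sid": "Statement1", "Effect": "Allow",
   "Action": ["iam:GenerateCredentialReport", "iam:GenerateServiceLastAccessedDetails",
              "iam:Get*", "iam:List*", "iam:SimulateCustomPolicy",
              "iam:SimulatePrincipalPolicy", "iam:CreateUser"],
   "Resource": ["*"]}]}
""")

# Assumption: a name-prefix heuristic, not AWS's own access-level classification.
READ_ONLY_PREFIXES = ("Get", "List", "Generate", "Simulate")

def as_list(value):
    """IAM JSON allows a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def trust_policy(service):
    """Trust policy letting only `service` (e.g. ec2.amazonaws.com) assume the role."""
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow",
                           "Principal": {"Service": service},
                           "Action": "sts:AssumeRole"}]}

def trusted_services(trust):
    """Service principals that the trust policy allows to call sts:AssumeRole."""
    services = set()
    for st in as_list(trust["Statement"]):
        principal = st.get("Principal", {})
        if (st.get("Effect") == "Allow" and isinstance(principal, dict)
                and "sts:AssumeRole" in as_list(st.get("Action", []))):
            services.update(as_list(principal.get("Service", [])))
    return sorted(services)

def write_actions_on_all_resources(policy):
    """Allowed actions that are not read-only by prefix and apply to Resource "*"."""
    findings = []
    for st in as_list(policy["Statement"]):
        if st.get("Effect") != "Allow" or "*" not in as_list(st.get("Resource", [])):
            continue
        for action in as_list(st.get("Action", [])):
            name = action.partition(":")[2]  # part after "service:"; "" for a bare "*"
            if not name.startswith(READ_ONLY_PREFIXES):
                findings.append(action)
    return findings

if __name__ == "__main__":
    print(trusted_services(trust_policy("ec2.amazonaws.com")))
    print(write_actions_on_all_resources(EC2_POLICY))
```

For the EC2 policy the only finding is `iam:CreateUser`; a policy that allows `iam:*` on `*` is reported as a single wildcard finding.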