AWS IAM role

- Trusted policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
-
add permissions
- AmazonS3FullAccess
- AmazonSSMFullAccess
-
create ec2 instance and attached role
without Role
- create Iam user
- policy to provide access
- this secuirty issue to store cridentals
Task:
- create role and attach permissions for s3 upload and delete files
aws s3 cp demo/ s3://ram-demo-qt-role-aws/demo/ --recursive
aws s3 rm s3://ram-demo-qt-role-aws/demo/1.txt
![]()
