Frequently Asked Questions On IAM Roles-FAQs

How To Create IAM Role for AWS Lambda?

Following is the sample command which you can create AWS IAM role for AWS lambda using AWS CLI.

aws iam create-role --role-name GFGROLE --assume-role-policy-document file://trust-policy.json

Replace the GFGROLE with the desired role you want and create JSON file with a trust policy.

Creating IAM Role to Access S3 Bucket

Here’s an example AWS CLI command to create an IAM role for S3 access:

aws iam create-role --role-name S3RoleName --assume-role-policy-document file://trust-policy.json

Create trust policy with JSON file.

Create IAM Role for EKS Node Group

Here’s an example AWS CLI command to create an IAM role for an EKS node group:

aws iam create-role --role-name EKSNodeGroupRole --assume-role-policy-document file://trust-policy.json

Create trust policy with JSON file.

In this article, we will cover how we can easily create an IAM role use it with an EC2 instance, and provide the required permissions with the S3 policies. These IAM Roles are the identities that we are creating in our account so that we can provide specific permissions to the users. So these Roles provide us the temporary credentials of security for our session.Consider the Scenario in which we want to grant access to our account to third parties that can perform operations such as audits of our resources or consider another scenario in which we want to access users who have identities prior outside the Aws like in our corporate Directory. So we can use the roles for access to users’ services or applications that don’t have access to AWS resources.