Difference between revisions of "AWS IAM role"

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html

Errors

Commands

• aws iam list-roles
• aws iam create-role
• aws iam put-role-policy
• aws iam get-role
• aws iam create-service-linked-role
• aws iam update-role

Related

• AWS service roles: https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html
• AWS Policies: AWS trust policy
• aws sts assume-role-with-saml
• aws sts assume-role
• Iam:GetRole
• rds-monitoring-role
• AWS IAM federation
• Switch role to acounts: OrganizationAccountAccessRole
• KarpenterNode
• IAM Roles for Service Accounts (IRSA)
• AWS policy: AdministratorAccess
• GCP roles
• IAM roles for EC2 instances
• ecsInstanceRole
• eks.amazonaws.com/role-arn: arn:aws:iam::012345678912:role/AmazonEKS_EBS_CSI_DriverRole
• Inherited from node
• aws_ecs_service
• Using service-linked roles for Amazon ECS

Activities

• Create a role for SAML federation https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html
• Read https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html
• Read Creating a role to delegate permissions to an IAM user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html

See also

• AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [ list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations ], IAM roles for EC2 instances, AWSServiceRoleForAutoScaling