Roles allow various AWS services to communicate with each other without you having to manage credentials manually. For example, if we want our EC2 instance to communicate with one of the services, the EC2 instance would need our security credentials. By setting up a role for this, we avoid giving the credentials to the EC2 instance all the time.

You just set up a Policy stating that service ABC is allowed to communicate with service XYZ, and things are good to go.

Users = People (End Users)

Groups = A collection of users under one set of permissions

Roles = Roles can be created and assigned to various AWS resources

Policy = A document that defines one or more permissions. A Policy can be attached to:

  • Users
  • Groups
  • Roles
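As an added illustration (not part of the original notes), here are the two policy documents behind a role for an EC2 instance: the trust policy that says which service may use the role, and the permissions policy attached to it, with a small check for wildcard grants. The bucket name, the S3 action and the helper function names are assumptions made for the example.

```python
# Constructed sample: trust policy letting the EC2 service assume the role.
TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "ec2.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
}

# Constructed sample: permissions policy; "example-bucket" is a placeholder.
PERMISSIONS_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject"],
        "Resource": "arn:aws:s3:::example-bucket/*",
    }],
}

def as_list(value):
    # IAM accepts a single value or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]

def trusted_services(trust_policy):
    """Service principals allowed to assume the role (hypothetical helper)."""
    services = []
    for stmt in as_list(trust_policy["Statement"]):
        principal = stmt.get("Principal", {})
        if stmt.get("Effect") == "Allow" and isinstance(principal, dict):
            services += as_list(principal.get("Service", []))
    return services

def wildcard_findings(policy):
    """Flag Allow statements granting every action or every resource."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        if any(a == "*" or a.endswith(":*") for a in as_list(stmt.get("Action", []))):
            findings.append((i, "wildcard action"))
        if "*" in as_list(stmt.get("Resource", [])):
            findings.append((i, "wildcard resource"))
    return findings

if __name__ == "__main__":
    print(trusted_services(TRUST_POLICY), wildcard_findings(PERMISSIONS_POLICY))
```

The wildcard check is a simplified review aid, not a reimplementation of IAM policy evaluation.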
