How to Create IAM Roles in AWS?
An IAM role is an IAM identity with specific permissions that we can create in our AWS account. It is similar to an IAM user in that it has permission policies that determine what the identity can and cannot do in AWS. An IAM role allows AWS services to perform actions on our behalf.
On the IAM landing page, click “Roles” in the left navigation pane. Click “Create role“.
In this article, we will create a role for the Lambda service. Click “Lambda”, then click “Next: Permissions“.
In the search box, search for “ec2readonlyaccess” and tick the checkbox for the policy “AmazonEC2ReadOnlyAccess“. This will give the Lambda function “read-only” access to the EC2 service. Click “Next: Tags“.
Adding tags is optional, but tags can be used to organize, track, or control access for this role. Click “Next: Review” to proceed.
Give the role a name, add a description, and click “Create role“. This will create a role that allows Lambda functions to call AWS services on your behalf with “ReadOnlyAccess” on the “EC2” service.
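The same role can be created in code. The following is an added example, not part of the original article: it uses the boto3 IAM client to perform the console steps above and adds a small `audit_role` check that the role trusts only the Lambda service and carries only the read-only policy. The role name, description and tag values are hypothetical.

```python
import json

# AWS managed policy selected in the console steps above.
EC2_READONLY_ARN = "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
LAMBDA_PRINCIPAL = {"Service": "lambda.amazonaws.com"}


def lambda_trust_policy():
    """Trust policy equivalent to choosing "Lambda" as the trusted service."""
    return {
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Principal": dict(LAMBDA_PRINCIPAL),
                       "Action": "sts:AssumeRole"}],
    }


def create_lambda_ec2_readonly_role(iam, role_name, description, tags=None):
    """Create the role, attach the read-only policy, return the role ARN."""
    kwargs = dict(RoleName=role_name,
                  AssumeRolePolicyDocument=json.dumps(lambda_trust_policy()),
                  Description=description)
    if tags:  # tags are optional, as in the console wizard
        kwargs["Tags"] = [{"Key": k, "Value": v} for k, v in tags.items()]
    resp = iam.create_role(**kwargs)
    iam.attach_role_policy(RoleName=role_name, PolicyArn=EC2_READONLY_ARN)
    return resp["Role"]["Arn"]


def audit_role(trust_policy, attached_policy_arns):
    """Return findings if the role trusts or permits more than intended."""
    findings = []
    for stmt in trust_policy.get("Statement", []):
        principal = stmt.get("Principal")
        if stmt.get("Effect") == "Allow" and principal != LAMBDA_PRINCIPAL:
            findings.append(f"unexpected trusted principal: {principal}")
    for arn in attached_policy_arns:
        if arn != EC2_READONLY_ARN:
            findings.append(f"unexpected attached policy: {arn}")
    return findings


if __name__ == "__main__":
    import boto3  # needs AWS credentials that are allowed to manage IAM
    arn = create_lambda_ec2_readonly_role(
        boto3.client("iam"), "lambda-ec2-readonly-example",  # hypothetical name
        "Allows Lambda functions to read EC2", {"purpose": "demo"})
    print(arn)
```

`audit_role` takes the role's trust policy document and its list of attached policy ARNs, so it can be run against an existing role to confirm it has not drifted from what was created here.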