Create IAM Role

We will create an IAM role for the EC2 administrator user and attach the policies created in the previous section.

  1. Log in to the AWS Management Console and open the IAM Management Console.
  2. In the left-hand navigation bar, select Roles and click the Create role button.

  3. On the role creation screen, select Another AWS account and enter your account ID (you can find the Account ID under My Account). Also select Require MFA, which is treated as mandatory here (best practice).

In the Attach permissions policies area, we will choose the following policies in turn:

  • ec2-list-read
  • ec2-create-tags
  • ec2-create-tags-existing
  • ec2-run-instances
  • ec2-manage-instances

  4. Select Next: Tags.

  5. For automatic configuration, select Next: Review to proceed with the review.
  • Enter a name (e.g. ec2-admin-team-alpha) along with a specific description.

  6. Create the role by clicking Create role.

  7. After successful creation, choose ec2-admin-team-alpha in the list of IAM roles and save two things:

    • Role ARN
    • Switch Role URL

  8. Use the IAM user's ARN to configure Trust relationships.

  9. Edit the trust policy.

  10. Complete the update.
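
The trust policy that results from the steps above can be checked before it is saved. The following is an added example, not part of the original workshop: it builds the trust policy document in the shape the console produces for Another AWS account with Require MFA, then audits it for an over-broad principal or a missing MFA condition. The account ID `111122223333` and the user name `ec2-admin-user` are constructed placeholders.

```python
import json

ACCOUNT_ID = "111122223333"  # constructed placeholder account ID
USER_ARN = f"arn:aws:iam::{ACCOUNT_ID}:user/ec2-admin-user"  # hypothetical IAM user

def build_trust_policy(principal_arn, require_mfa=True):
    """Trust policy in the shape the console generates for 'Another AWS account'."""
    stmt = {"Effect": "Allow",
            "Principal": {"AWS": principal_arn},
            "Action": "sts:AssumeRole"}
    if require_mfa:
        stmt["Condition"] = {"Bool": {"aws:MultiFactorAuthPresent": "true"}}
    return {"Version": "2012-10-17", "Statement": [stmt]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, expected_principal):
    """Return findings for Allow statements that grant sts:AssumeRole too broadly."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in _as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for arn in arns:
            if arn == "*":
                findings.append(f"Statement {i}: any AWS principal can assume the role")
            elif arn.endswith(":root") or arn.isdigit():
                findings.append(f"Statement {i}: whole account trusted ({arn})")
            elif arn != expected_principal:
                findings.append(f"Statement {i}: unexpected principal {arn}")
        # Only the plain Bool operator counts: BoolIfExists also matches requests
        # where the MFA key is absent, such as calls signed with long-term access keys.
        mfa = stmt.get("Condition", {}).get("Bool", {}).get("aws:MultiFactorAuthPresent")
        if str(mfa).lower() != "true":
            findings.append(f"Statement {i}: MFA is not required")
    return findings

if __name__ == "__main__":
    root_arn = f"arn:aws:iam::{ACCOUNT_ID}:root"
    for label, doc in [("account root + MFA", build_trust_policy(root_arn)),
                       ("user ARN, no MFA", build_trust_policy(USER_ARN, False)),
                       ("user ARN + MFA", build_trust_policy(USER_ARN))]:
        print(label, "->", audit_trust_policy(doc, USER_ARN) or "OK")
    print(json.dumps(build_trust_policy(USER_ARN), indent=2))
```

The last document printed is the policy to paste into the Trust relationships editor once the placeholders are replaced with your own account ID and user name.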
