top of page
Search
  • Writer's pictureParag
    • Oct 1, 2020
    • 2 min read

Tutorial blog to create IAM role & attach the role to EC2 instance to access S3

Updated: Oct 10, 2023

Learning Objective:

  • Learn to attach IAM roles to EC2 instances for S3 access.

Step 1:

Log in to the AWS management console. Find for IAM service in the search bar provided on the page.

Step 2:

Click on the Roles in the left navigation pane and click on Create Role.


Step 3:

Similar screen will appear as the image given below.

  • Select the first AWS service tile as shown below.

  • Click on EC2.

  • Click on Next: Permissions.


Step 4:

Next attach permissions policies to the role.

  • Search for AmazonS3FullAccess and select the policy.

  • Click on Next


Step 5:

Provide Name = EC2_S3_ROLE and click on Create role in the bottom right corner.

Step 6:

Provision Linux Instance. You may refer to our document for

After the instance is in Running state click on Actions Button.In the Security

option click in Modify IAM role.

Select the IAM role that is created previously in this documentfrom the drop down. In this case it is EC2-S3. Click on Update IAM role.

Step 7:

Connect to the instance. Type the following command in the terminal.

aws s3 mb s3://mysourcebucket6847

  • Using this command, a bucket will get created in the S3 service.

  • Navigate to the S3 service and ensure that your bucket has been created.

Step 8:

Go to EC2 Services and detach the role using following steps. Go to

Action -> Security -> Modify IAM role

Select No IAM Role from the drop down.Click on Update IAM role.

A pop-up window will appear confirming the detach role process.Enter ‘Detach’ in the field and click on Detach.

Step 9:

  • Go back to the Instance Connect Window. Try creating a bucket with different name.

  • An error occurs. This explains that the IAM role with right permissions is required to access S3 service.

Step 10:

  • Re-Attach the role using instructions from Step 8.And create that bucket using the same command.

The bucket is created.Confirm the same in S3 service.


Step 11:

Further if you don’t need this instance and role make sure you terminate and delete them.



Was this document helpful? How can we make this document better. Please provide your insights. You can download PDF version for reference.




IAM_EC2-S3_ROLE
.pdf
Download PDF • 797KB


331 views21 comments

Recent Posts

See All
bottom of page