Tutorial blog to create IAM role & attach the role to EC2 instance to access S3

Updated: Oct 10, 2023

Learning Objective:

Step 1:

Step 2:

Click on the Roles in the left navigation pane and click on Create Role.

Step 3:

Similar screen will appear as the image given below.

Step 4:

Next attach permissions policies to the role.

Step 5:

Provide Name = EC2_S3_ROLE and click on Create role in the bottom right corner.

Step 6:

Provision Linux Instance. You may refer to our document for

After the instance is in Running state click on Actions Button.In the Security

option click in Modify IAM role.

Select the IAM role that is created previously in this documentfrom the drop down. In this case it is EC2-S3. Click on Update IAM role.

Step 7:

Connect to the instance. Type the following command in the terminal.

aws s3 mb s3://mysourcebucket6847

Step 8:

Go to EC2 Services and detach the role using following steps. Go to

Action -> Security -> Modify IAM role

Select No IAM Role from the drop down.Click on Update IAM role.

A pop-up window will appear confirming the detach role process.Enter ‘Detach’ in the field and click on Detach.

Step 9:

Go back to the Instance Connect Window. Try creating a bucket with different name.

An error occurs. This explains that the IAM role with right permissions is required to access S3 service.

Step 10:

Re-Attach the role using instructions from Step 8.And create that bucket using the same command.

The bucket is created.Confirm the same in S3 service.

Step 11:

Further if you don’t need this instance and role make sure you terminate and delete them.

Was this document helpful? How can we make this document better. Please provide your insights. You can download PDF version for reference.

Recent Posts