{"id":934,"date":"2020-01-10T10:21:31","date_gmt":"2020-01-10T10:21:31","guid":{"rendered":"https:\/\/www.easydeploy.io\/blog\/?p=934"},"modified":"2020-01-10T10:23:28","modified_gmt":"2020-01-10T10:23:28","slug":"aws-iam-roles-and-policies","status":"publish","type":"post","link":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/","title":{"rendered":"Understanding AWS IAM Roles and Policies"},"content":{"rendered":"<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\"><a href=\"https:\/\/www.easydeploy.io\/blog\/things-to-know-about-cyber-security-in-cloud\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security<\/a> is one of the prominent concerns in the present times for every business. The large-scale transition of businesses towards the digital frontier places many challenges of security for organizations. One of the notable advancements that organizations are adopting now is the transition to the cloud. The popularity of <a href=\"https:\/\/www.easydeploy.io\/blog\/steps-to-get-started-with-aws-cloud\/\" target=\"_blank\" rel=\"noopener noreferrer\">AWS<\/a> as a reliable cloud service provider is clearly evident in the market share it enjoys among cloud service vendors. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">So, does AWS provide the assurance of security? This is where the mention of\u00a0AWS IAM roles\u00a0becomes evident! In addition to IAM roles, AWS also provides the facility of policies. Basically, IAM roles establish the set of permissions for making AWS service requests and policies establish the required permissions. The following discussion aims at pointing basic information about\u00a0AWS IAM roles and policies\u00a0through investigation of the basic terms and concepts.<\/span><\/p>\n<blockquote><p><strong>Also Check:<\/strong> <a href=\"https:\/\/www.easydeploy.io\/blog\/aws-security-best-practices\/\" target=\"_blank\" rel=\"noopener noreferrer\">Top 10 AWS Security Best Practices to secure your AWS infrastructure<\/a>!<\/p><\/blockquote>\n<h2 class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Importance of IAM roles on AWS<\/span><\/h2>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Before proceeding ahead with the discussion on AWS IAM roles, it is essential to reflect on the necessity of IAM. What is IAM? <a href=\"https:\/\/aws.amazon.com\/iam\/\" target=\"_blank\" rel=\"noopener noreferrer\">IAM (Identity and Access Management)<\/a> is the abbreviation for one of the notable security precedents i.e., Identity and Access Management. The need for IAM is evident in an organization when different employees use the same password for multiple applications. IAM is ideal in scenarios where employees manage passwords with the help of sticky notes or spreadsheets. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">In addition, the burden of password-related support and inabilities for enforcing security policies in the cloud on your IT department also validates the need for identity and access management. Implementation of IAM helps an organization in the management of authorization and privileges throughout the system for increased security. Most important of all, IAM solutions help in improving productivity through automation of manual security tasks.<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Other notable benefits of IAM include:\u00a0<\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li1\"><span class=\"s1\">Reduction of information security risks.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Better operating efficiency and transparency.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Enhanced user satisfaction.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Appropriate regulatory compliance.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Reduction of costs for IT operations and development.<\/span><\/li>\n<\/ul>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">So, IAM definitely seems like a necessary security measure if you want to move to the AWS cloud, doesn\u2019t it? Then, let us dive now into details about\u00a0AWS IAM roles. First of all, it is essential to know the difference between Roles, Users, and Groups for the effective deployment of access security in a particular cloud environment. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">IAM Users are account objects that help individual users in accessing an AWS environment with a particular set of credentials. While IAM Groups and objects with specifically assigned permissions through Policies that can allow access to specific resources for Group members. IAM Roles are objects in the IAM with certain Policy permissions. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">However, IAM Roles do not associate with Users like in the case of Groups. On the contrary, IAM roles associated with instances at the time of launch, thereby enabling the instance to follow the permissions in the role. As a result, there is no need for local storage of Access Keys on the concerned instance.\u00a0<\/span><\/p>\n<blockquote><p>Planning to migrate your cloud infrastructure to AWS? Check out these\u00a0<a href=\"https:\/\/www.easydeploy.io\/blog\/aws-migration-steps\/\" target=\"_blank\" rel=\"noopener noreferrer\">simple steps for AWS migration<\/a>.<\/p><\/blockquote>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">A basic\u00a0AWS IAM Roles tutorial\u00a0would inform that IAM Role is similar to IAM user. It is an AWS identity that has permission policies for determining the privileges and restrictions of the identity in AWS. Even if a role is suitable for one person, it can be assumed by any individual who needs it. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">In addition, a role does not have standard long-term credentials associated with them e.g., access keys or passwords. On the other hand, it provides temporary security credentials for a role session when you assume a role. The specific users who can leverage\u00a0AWS IAM roles\u00a0also form an important aspect of this discussion.<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">IAM user in the same AWS account as the role or IAM user in different AWS account than the role can create user IAM roles on AWS. In addition, <a href=\"https:\/\/www.easydeploy.io\/blog\/aws-services-list\/\" target=\"_blank\" rel=\"noopener noreferrer\">AWS services<\/a> such as Amazon EC2 could use IAM roles. External users authenticated through an external identity provider service compatible with OpenID Connect or SAML 2.0 or custom-built identity broker could also use roles.\u00a0<\/span><\/p>\n<h3 class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Scenarios for using AWS IAM roles<\/span><\/h3>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">The next focus of this\u00a0AWS IAM roles tutorial\u00a0would be on the common scenarios for using the roles. Just like other AWS features, there are two ways of using a role. The first method involves an interactive approach for using\u00a0AWS IAM Roles\u00a0in the IAM console. The second option involves a programmatic approach for using IAM roles with the AWS CLI, API, or Tools for Windows PowerShell. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">IAM users in a particular account using the IAM console could switch to a role for temporarily using permissions of a concerned role in the console. Users have to give up the original permissions and\u00a0AWS assign role to user\u00a0with specific permissions. Upon exiting the role, the user regains the original permissions.\u00a0<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">The next important way for using roles is the assumption of a role by an application or service on AWS. This approach involves a request for temporary security credentials for a role that would help in making programmatic requests to AWS. Such type of use scenarios for the AWS IAM role doesn\u2019t imply the need for sharing or maintenance of long-term security credentials for each entity to access a resource.\u00a0<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">The simplest approach for using roles is evident in granting permissions to IAM users for switching to roles created within an AWS account. Then, users could switch their\u00a0AWS IAM roles\u00a0easily by using the IAM console for using specific permissions.\u00a0AWS assign role to user\u00a0in such a way for preventing modification of sensitive resources or accidental and malicious access.\u00a0<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Another complex way of the use of role is evident in granting access to federated external users or applications and services. In such cases, calling the AssumeRole API helps in using IAM roles on AWS. The function of the API call is to return a set of temporary credentials for use in subsequent API calls. Actions with the temporary credentials only have the permissions allowed by the associated role. Applications stop using the temporary credentials and then starts calling with original credentials after completing concerned tasks.\u00a0<\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Federated users could sign in with the use of credentials from an identity provider (IdP). Then AWS could provide temporary credentials to the trusted IdP for passing on to the user. The credentials help in AWS resource requests and provide permissions for the assigned roles.\u00a0<\/span><\/p>\n<h4 class=\"p1\"><span class=\"s1\">Now, let us take a look at the different scenarios in which AWS IAM roles find a suitable application:<\/span><\/h4>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li1\"><span class=\"s1\">Providing access for an IAM user in one AWS account under your ownership for accessing resources in another account under your ownership.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Provision of access to IAM users in AWS accounts under the ownership of third parties.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Providing access for externally authenticated users, also known as identity federation.<\/span><\/li>\n<li class=\"li1\"><span class=\"s1\">Provision of access for AWS services offered to AWS resources.\u00a0<\/span><\/li>\n<\/ul>\n<blockquote><p>Planning to hire an AWS Consulting Company to handle the security of your infrastructure? Check out the\u00a0<a href=\"https:\/\/www.easydeploy.io\/blog\/aws-consulting-freelancer-hourly-rate\/\" target=\"_blank\" rel=\"noopener noreferrer\">points to consider while choosing an AWS consulting company<\/a>.<\/p><\/blockquote>\n<h3 class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Examples of AWS IAM roles<\/span><\/h3>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Further reflection on an AWS\u00a0IAM role example\u00a0can improve our understanding of the topic under discussion. Let us take the AWS\u00a0IAM role example\u00a0of the AWS service role for the ab EC2 instance. AWS service role is the one that a service assumes for performing actions in an account on behalf of the user. While setting up certain AWS service environments, you have to define a role that the service has to assume. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">The service role should include all required permissions for the service to ensure access to AWS resources needed. Service roles could vary widely, albeit with the majority of them allowing for the selection of permissions while maintaining compliance with documented requirements for a particular service. Service role for an EC2 instance is a special service role wherein applications running on EC2 instance could assume the role for performing actions in an account.\u00a0<\/span><\/p>\n<h3 class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">AWS IAM policies<\/span><\/h3>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Now, let us take the final step in this discussion on the basics of\u00a0AWS\u00a0IAM roles and policies. Till now, the discussion\u2019s emphasis was on IAM roles. Let us find out more about AWS IAM policies. Users can manage access in AWS through the creation of policies and then associating them with IAM identities or AWS resources. The policy is an AWS object that defines permissions of identity or resource, with which it associates. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">AWS undertakes an evaluation of these policies upon the request by a principal entity such as user or role. Permissions in the policies help in determining the allowing or denying of requests. Now, let us take a look at\u00a0AWS IAM policy examples\u00a0for an improved understanding of them. First of all, take identity-based policies, for example, which are JSON permissions policy documents attached to an AWS identity. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">These policies help in controlling the actions of an entity, conditions, and relevant resources. Another prominent mention among\u00a0AWS IAM policy examples\u00a0is resource-based policies. The resource-based policy is a JSON policy document attached to a resource such as an Amazon S3 bucket. The function of these policies is for granting specific principal permission for performing specific actions on a resource.\u00a0<\/span><\/p>\n<h4 class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Conclusion<\/span><\/h4>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">Identity and access management (IAM) is definitely a staple requirement for shifting your business to the cloud.\u00a0AWS IAM roles\u00a0serve a wide range of functionalities to ensure the security of AWS resources. However, the effectiveness of IAM roles and policies on AWS depends considerably on the use of best practices. <\/span><\/p>\n<p class=\"p1\" style=\"text-align: justify;\"><span class=\"s1\">For example, the creation of groups reflecting organizational roles rather than a technical community and enabling multi-factor authentication (MFA) for privileged users. Policy-related best practices include the improvement of granularity of policies by leveraging IAM conditions. IAM conditions can help in refining policies by a substantial margin according to your requirements. So, IAM roles and policies on AWS tend to be one of the strong foundations for <a href=\"https:\/\/www.easydeploy.io\/blog\/aws-security-issues\/\" target=\"_blank\" rel=\"noopener noreferrer\">AWS security<\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security is one of the prominent concerns in the present times for every business. The large-scale transition of businesses towards the digital frontier places many challenges of security for organizations. One of the notable advancements that organizations are adopting now is the transition to the cloud. The popularity of AWS as a reliable cloud service [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":970,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[264,262,261,265,263],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Understanding AWS IAM Roles and Policies | easydeploy.io<\/title>\n<meta name=\"description\" content=\"AWS IAM roles and policies play an important role in the in the AWS security. Let&#039;s have a detailed overview of AWS IAM Roles and Policies.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Understanding AWS IAM Roles and Policies | easydeploy.io\" \/>\n<meta property=\"og:description\" content=\"AWS IAM roles and policies play an important role in the in the AWS security. Let&#039;s have a detailed overview of AWS IAM Roles and Policies.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\" \/>\n<meta property=\"og:site_name\" content=\"easydeploy.io\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-10T10:21:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-10T10:23:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png\" \/>\n\t<meta property=\"og:image:width\" content=\"830\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Siranjeevi R\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Siranjeevi R\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\"},\"author\":{\"name\":\"Siranjeevi R\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/0e7f79e0cd26f6446f7a76d9d2d3b20c\"},\"headline\":\"Understanding AWS IAM Roles and Policies\",\"datePublished\":\"2020-01-10T10:21:31+00:00\",\"dateModified\":\"2020-01-10T10:23:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\"},\"wordCount\":1667,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png\",\"keywords\":[\"AWS assign role to user\",\"AWS IAM Policy examples\",\"AWS IAM Roles and Policies\",\"AWS IAM roles tutorial\",\"IAM Role example\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\",\"url\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\",\"name\":\"Understanding AWS IAM Roles and Policies | easydeploy.io\",\"isPartOf\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png\",\"datePublished\":\"2020-01-10T10:21:31+00:00\",\"dateModified\":\"2020-01-10T10:23:28+00:00\",\"description\":\"AWS IAM roles and policies play an important role in the in the AWS security. Let's have a detailed overview of AWS IAM Roles and Policies.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage\",\"url\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png\",\"contentUrl\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png\",\"width\":830,\"height\":360,\"caption\":\"AWS IAM Roles\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.easydeploy.io\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Understanding AWS IAM Roles and Policies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#website\",\"url\":\"https:\/\/www.easydeploy.io\/blog\/\",\"name\":\"easydeploy.io\",\"description\":\"A Cloud Architect Company\",\"publisher\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.easydeploy.io\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#organization\",\"name\":\"EasyDeploy Technologies Pvt Ltd\",\"url\":\"https:\/\/www.easydeploy.io\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2019\/02\/easydeploy.png\",\"contentUrl\":\"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2019\/02\/easydeploy.png\",\"width\":536,\"height\":100,\"caption\":\"EasyDeploy Technologies Pvt Ltd\"},\"image\":{\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/0e7f79e0cd26f6446f7a76d9d2d3b20c\",\"name\":\"Siranjeevi R\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/353661218917699fcc292e9bc0da9081?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/353661218917699fcc292e9bc0da9081?s=96&d=mm&r=g\",\"caption\":\"Siranjeevi R\"},\"url\":\"https:\/\/www.easydeploy.io\/blog\/author\/siru\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Understanding AWS IAM Roles and Policies | easydeploy.io","description":"AWS IAM roles and policies play an important role in the in the AWS security. Let's have a detailed overview of AWS IAM Roles and Policies.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/","og_locale":"en_GB","og_type":"article","og_title":"Understanding AWS IAM Roles and Policies | easydeploy.io","og_description":"AWS IAM roles and policies play an important role in the in the AWS security. Let's have a detailed overview of AWS IAM Roles and Policies.","og_url":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/","og_site_name":"easydeploy.io","article_published_time":"2020-01-10T10:21:31+00:00","article_modified_time":"2020-01-10T10:23:28+00:00","og_image":[{"width":830,"height":360,"url":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png","type":"image\/png"}],"author":"Siranjeevi R","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Siranjeevi R","Estimated reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#article","isPartOf":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/"},"author":{"name":"Siranjeevi R","@id":"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/0e7f79e0cd26f6446f7a76d9d2d3b20c"},"headline":"Understanding AWS IAM Roles and Policies","datePublished":"2020-01-10T10:21:31+00:00","dateModified":"2020-01-10T10:23:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/"},"wordCount":1667,"commentCount":0,"publisher":{"@id":"https:\/\/www.easydeploy.io\/blog\/#organization"},"image":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage"},"thumbnailUrl":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png","keywords":["AWS assign role to user","AWS IAM Policy examples","AWS IAM Roles and Policies","AWS IAM roles tutorial","IAM Role example"],"articleSection":["News"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/","url":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/","name":"Understanding AWS IAM Roles and Policies | easydeploy.io","isPartOf":{"@id":"https:\/\/www.easydeploy.io\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage"},"image":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage"},"thumbnailUrl":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png","datePublished":"2020-01-10T10:21:31+00:00","dateModified":"2020-01-10T10:23:28+00:00","description":"AWS IAM roles and policies play an important role in the in the AWS security. Let's have a detailed overview of AWS IAM Roles and Policies.","breadcrumb":{"@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#primaryimage","url":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png","contentUrl":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2020\/01\/AWS_IAM_Roles_and_Policies.png","width":830,"height":360,"caption":"AWS IAM Roles"},{"@type":"BreadcrumbList","@id":"https:\/\/www.easydeploy.io\/blog\/aws-iam-roles-and-policies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.easydeploy.io\/blog\/"},{"@type":"ListItem","position":2,"name":"Understanding AWS IAM Roles and Policies"}]},{"@type":"WebSite","@id":"https:\/\/www.easydeploy.io\/blog\/#website","url":"https:\/\/www.easydeploy.io\/blog\/","name":"easydeploy.io","description":"A Cloud Architect Company","publisher":{"@id":"https:\/\/www.easydeploy.io\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.easydeploy.io\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.easydeploy.io\/blog\/#organization","name":"EasyDeploy Technologies Pvt Ltd","url":"https:\/\/www.easydeploy.io\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.easydeploy.io\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2019\/02\/easydeploy.png","contentUrl":"https:\/\/www.easydeploy.io\/blog\/wp-content\/uploads\/2019\/02\/easydeploy.png","width":536,"height":100,"caption":"EasyDeploy Technologies Pvt Ltd"},"image":{"@id":"https:\/\/www.easydeploy.io\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/0e7f79e0cd26f6446f7a76d9d2d3b20c","name":"Siranjeevi R","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.easydeploy.io\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/353661218917699fcc292e9bc0da9081?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/353661218917699fcc292e9bc0da9081?s=96&d=mm&r=g","caption":"Siranjeevi R"},"url":"https:\/\/www.easydeploy.io\/blog\/author\/siru\/"}]}},"_links":{"self":[{"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/posts\/934"}],"collection":[{"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/comments?post=934"}],"version-history":[{"count":7,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/posts\/934\/revisions"}],"predecessor-version":[{"id":973,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/posts\/934\/revisions\/973"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/media\/970"}],"wp:attachment":[{"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/media?parent=934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/categories?post=934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.easydeploy.io\/blog\/wp-json\/wp\/v2\/tags?post=934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}