IAM Users, Roles, and Policies
There are variety of ways to authenticate yourself with IAM Roles are one of the most commonly used. Here is a Cheatsheet to get you started
So you want to authenticate your apps to use AWS resources like S3 buckets, EC2 instances, and Glue jobs. IAM Roles helps you do that.
Creating Role and User
Go into your AWS console, create a role, and a user
When creating a role, select a required policy, e.g., S3FullAccess, and copy the Role ARN
When you create a user, make a note of the User ARN,
AWS_SECRET_KEY
andAWS_ACCESS_KEY
Assigning Role to the User
Under the user permissions tab, click add inline policy. This lets the User we created create credentials dynamically to access S3.
Adding AssumeRole Permissions Role
In roles under trusted relationship, add the User ARN.
That's it. You are all set to use AWS now
Configure AWS CLI
After installing AWS CLI, run the following command. It will prompt you to add the secret and access key we noted when creating the User.
If you forgot to note it down, don't panic, you will find it under the User you created
Testing Assume Role
You can use the following CLI command or Python script to test the role
CLI command
Python Script
Last updated