An IAM Role is an AWS identity with specific permissions that determine what actions can be performed. Unlike an IAM User, a role does not have long-term credentials such as a password or access keys. Instead, roles are meant to be assumed by trusted entities such as users, applications, or AWS services, which are provided temporary security credentials.
Example Code:
{
"RoleName": "ExampleRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
},
"Description": "An example role for EC2",
"MaxSessionDuration": 3600
}