Certified Security - Specialty

Sign Up Free or Log In to participate!

deference between IAM role and policy?

What is the deference between IAM role and policy?

Darryl M.

IAM roles are a secure way to grant permission to entities that you trust, which can include IAM users in another AWS account, application code running on an EC2 instance that needs to perform actions on AWS resources, etc. Policies are attached to identities (users, groups of users, or roles) or AWS resources.

2 Answers

IAM Policies are permissions you set for AWS resources.

You can attach IAM Roles to AWS resources, which need to access/use other AWS resources. Also IAM Roles can be assumed by users e.g. in case of cross account access.

 IAM Roles contain one or more policies you attached.

Roles (and users and groups, and some resources) are objects to which policies may be attached. 

The policy is an attribute of a role (or user, or group) where the permissions for that role (or user, or group) are defined.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?