Guide on AWS IAM (Identity and Access Management) Roles

IAM Roles are an essential part of AWS and they play a fundamental role in security. The IAM Role is a set of permissions that grant access to actions and resources in AWS.
Why is it Important?
IAM roles are important as they control who can access your AWS resources and what they can do with them. Instead of sharing security credentials (like Access Keys) with an entity (internal/external) that requires access to a resource, AWS recommends using roles. This prevents unauthorized access and enhancing granular level security.
What is IAM Roles?
IAM Roles is an IAM entity that defines a set of permissions for making AWS service requests. Roles are not associated with a specific user or group, instead, trusted entities assume roles, such as IAM users, applications, or AWS services like EC2.
How does it Work?
IAM roles work by allowing you to delegate access to users or services that normally don't have access to your organization's AWS resources. A role is assumed by a trusted entity (like user, application service, etc.) and this assumed role provides temporary permissions that the entity can use to make calls to AWS services.
Exam Tips: Answering Questions on IAM Roles
1. Remember that IAM roles are not tied to a single user or group, but are assumable by trusted entities.
2. IAM roles do not have any passwords or long-term credentials, they have short term credentials.
3. In exam scenarios, consider using roles when the question implies delegation, sharing of responsibilities, or cross-account access.
4. Keep in mind that one of the key benefits of IAM roles is providing secure access to AWS resources without sharing long-term credentials.