- 新しい順
- 投票が多い順
- コメントが多い順
An IAM role is very similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do in AWS. However, a role does not have any credentials (password or access keys) associated with it.
IAM Policies determine what actions a user, role, or member of a user group can perform, on which AWS resources, and under what conditions.
For more information regarding IAM Identities, I recommend you to take a look to the following documentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/id.html
You attach IAM policies (which contain a set of permissions) to an IAM Role. Therefore, a single IAM roles can have multiple IAM policies in it. Lastly, a user can "assume" an IAM Role, meaning it will inherit automatically the policy or policies attached to that Role.
IAM Role in AWS is a type of IAM identity that can be authorised to access an AWS resource, whereas an IAM policy defines the permissions of the IAM identity. An IAM Role with no IAM Policy attached to it, won’t have to access any AWS resources. An IAM Policy that is not attached to an IAM Role is of no use. Permissions listed in an IAM policy are only enforced when that policy is attached to an IAM Role identity.
For more information on IAM roles and policies, please refer the following documentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
関連するコンテンツ
AWS公式更新しました 2年前- AWS公式更新しました 1年前
- AWS公式更新しました 2年前
