Austin's SWE Notes 😭

    Pass Role And Get Role

    To pass a role to a service, you need iam:PassRole. To get a role, you need iam:GetRole

    Note: PassRole determines who should have the privilege to pass role to a service. Whereas AssumeRole is for the service to assume a role.

    Pasted image 20221019202933.png

    For example, this IAM Policy allows to pass S3Access to the ec2 instances.

    Can any services assume role?

    No, see Trust Policy

    ← AWS Directory Services
    STS Overview →