Roles

IAM roles are a secure way to grant permissions to entities that you trust. Examples of entities include the following:

• IAM user in another account
• Application code running on an EC2 instance that needs to perform actions on AWS resources
• An AWS service that needs to act on resources in your account to provide its features
• Users from a corporate directory who use identity federation with SAML IAM roles issue keys that are valid for short durations, making them a more secure way to grant access.