Software development
Artificial Intelligence
Cloud
View all courses
Learn
Connect
Blog
Resource hub
Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Cloud
    • Security
Google Cloud Platform icon
Labs

Using EC2 Roles and Instance Profiles in AWS

AWS Identity and Access Management (IAM) roles for Amazon Elastic Compute Cloud (EC2) provide the ability to grant instances temporary credentials. These temporary credentials can then be used by hosted applications to access permissions configured within the role. IAM roles eliminate the need for managing credentials, help mitigate long-term security risks, and simplify permissions management. Prerequisites for this lab include understanding how to log in to and use the AWS Management Console, EC2 basics (including how to launch an instance), IAM basics (including users, policies, and roles), and how to use the AWS CLI.

Get started Contact sales
Google Cloud Platform icon
Lab platform
Lab Info
Level
Intermediate
Last updated
Sep 24, 2025
Duration
1h 30m

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
Table of Contents

  1. Challenge

    Create a Trust Policy and Role Using the AWS CLI
    1. From the AWS Management Console, open the provisioned S3 bucket with s3bucketlookupfiles in its name and obtain the labreferences.txt file. This file serves as a reference containing the S3 bucket names used throughout the lab.
    2. Open a new terminal session.
    3. Log in to the EC2 Bastion Host instance using the provided lab credentials and set the AWS CLI region and output type.
    4. Create an IAM trust policy for an EC2 role.
    5. Create an IAM role named DEV_ROLE.
    6. Create an IAM policy named DevS3ReadAccess and define Get and List access permissions for the provisioned S3 bucket with s3bucketdev in its name .

  2. Challenge

    Create Instance Profile and Attach Role to an EC2 Instance
    1. Attach the DevS3ReadAccess policy to the DEV_ROLE role.
    2. Create the instance profile DEV_PROFILE and add the DEV_ROLE to it via the AWS CLI.
    3. Attach the DEV_PROFILE role to the EC2 Web Server instance.

  3. Challenge

    Test S3 Permissions via the AWS CLI
    1. Log in to the EC2 Web Server instance using the provided lab credentials.
    2. Verify that the Web Server instance is assuming the DEV_ROLE role.
    3. List the buckets in the account.
    4. Attempt to view the files in the s3bucketdev bucket.

  4. Challenge

    Create an IAM Policy and Role Using the AWS Management Console
    1. From the AWS Management Console, navigate to IAM > Policies.
    2. Create an IAM policy named ProdS3ReadAccess and define Get and List access permissions for the provisioned S3 bucket with s3bucketprod in its name .
    3. Create a PROD_ROLE role and attach it to the ProdS3ReadAccess policy.

  5. Challenge

    Attach IAM Role to an EC2 Instance Using the AWS Management Console
    1. Navigate to EC2 > Instances.
    2. Attach the PROD_ROLE role to the Web Server instance.
    3. Open a terminal session and log in to the EC2 Web Server instance using the provided lab credentials.
    4. Verify that the Web Server instance is assuming the PROD_ROLE.
    5. List the buckets.
    6. Attempt to view the files in the s3bucketprod bucket.
    7. Attempt to view the files in the s3bucketsecret bucket.
About the author
Pluralsight Skills - Labs - Pluralsight
Pluralsight Skills

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight

View individual plans View team plans