In this recipe, we will create a role that allows an EC2 instance to access S3 APIs and then attach it to an EC2 instance. IAM roles provide temporary permissions for an AWS service or user to access another AWS service. A service or user assume a role, and then they are provided with temporary credentials for that session.