As I have been developing and testing on Amazon Web Services (AWS) hosting I have made much use of the Identity and Access Management (IAM) feature. In particular, I have found the IAM Roles to be extremely helpful. I can assign a role to a specific instance or even a launch group of instances. When those instances are launched they have all the permissions of the role that I have specified for them. This means that if an instance needs to access files that are on S3, I just add that permission to the role and the instance is able to access S3 files. This is extremely useful for system admin scripts as well as other programming tasks.
Continue reading AWS IAM Roles