I know that if I create a role and assign the AmazonS3FullAccess permission to it, any EC2 instance that assumes this role will be able to use S3 with full privileges.
By the same token, if I create a role:
- Choose the service that will use this role: EC2
- Attach permissions policies: AmazonEC2FullAccess, Policy ARN arn:aws:iam::aws:policy/AmazonEC2FullAccess
Then I assign this role to an EC2 instance A. My question is:
Will instance A have access to all other EC2 instances? If I want to ssh from instance A to instance X, I would still need ssh keys as if there were no role assigned to it, right? What is the point of roles in this case?