A role is similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do . However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. Also, a role does not have any credentials (password or access keys) associated with it. Instead, if a user is assigned to a role, access keys are created dynamically and provided to the user.

Table 1. Role
Field Description
Name Name of role
Description Description of role
Maximum CLI/API session duration Maximum session duration for the role
Namespace Namespace that can use this role



Assume Role Policy Document The trust relationship policy document that grants an entity permission to assume the role.
Permissions Boundary The ARN of the policy that is used to set the permissions boundary for the role.
Tags A list of tags that you want to attach to the newly created role. Each tag consists of a key name and an associated value.