As discussed previously policies are the equivalent to permissions in AWS. Well what if you need to assign permissions to an AWS service? Yes, there are times where you need to assign permissions to services to allow them to perform actions on your behalf in AWS, similar to a service user in windows. In this case you use an IAM role, you assign the permissions necessary to the role and then you connect the service to it to allow it to access and use what it needs. I’ll go into greater detail on the benefits and different uses of IAM roles.