Introduction:
Attaching IAM (Identity and Access Management) roles to an EC2 (Elastic Compute Cloud) instance in AWS allows you to grant specific permissions and access to resources. This step-by-step guide will walk you through the process of creating a new IAM role, launching an EC2 instance, and attaching the IAM role to the instance. By the end of this guide, you will have successfully attached an IAM role to an EC2 instance and verified its functionality.
Step 1: Create a New IAM Role and Attach IAM ReadOnly Policy:
- Go to the AWS Management Console and navigate to the IAM service.
- Select "Roles" from the left-hand side menu.
- Click on "Create Role" and choose the service that will use the role (in this case, select EC2).
- In the "Permissions" section, search for and select the "ReadOnlyAccess" policy.
- Proceed to configure any optional tags or review the role's settings.
- Give your role a meaningful name, such as "EC2ReadOnlyRole", and provide a description.
- Click on "Create Role" to create the IAM role with the attached IAM ReadOnly policy.
Step 2: Launch an EC2 Instance:
- Go to the EC2 Dashboard in the AWS Management Console.
- Click on "Launch Instances" and follow the wizard to configure your instance, selecting the desired instance type, AMI, and other settings.
- In the "Configure Instance Details" section, scroll down to the "IAM role" field.
- Choose the "EC2ReadOnlyRole" (or the name you provided) from the drop-down menu.
- Continue with the remaining steps of the instance launch wizard, configuring security groups, storage, and other settings as needed.
- Launch the EC2 instance.
Step 3: Attach the IAM Role to the EC2 Instance:
- Once the instance is launched and running, go to the EC2 Dashboard.
- Select the newly created EC2 instance from the list.
- In the "Actions" drop-down menu, choose "Security", and then "Modify IAM Role".
- Select the "EC2ReadOnlyRole" (or the name you provided) from the "IAM role" drop-down menu.
- Click on "Save" to attach the IAM role to the EC2 instance.
Step 4: Connect to the EC2 Instance:
- Obtain the necessary connection details for your EC2 instance, including the public IP address or public DNS name.
- Open a terminal or SSH client and use the appropriate command to connect to the instance.
Step 5: Verify IAM Role Functionality:
Once connected to the EC2 instance, execute the following command:

```
aws iam list-users
```

- This command lists all the IAM users in the AWS account.
- If the command successfully returns a list of IAM users, it indicates that the IAM role attached to the EC2 instance has the required IAM ReadOnly permissions.
Conclusion:
By following the step-by-step guide above, you have successfully created a new IAM role, launched an EC2 instance, attached the IAM role to the instance, and verified the functionality by listing IAM users from the EC2 instance. Attaching IAM roles to EC2 instances provides granular access control and allows instances to interact securely with other AWS services using temporary credentials.
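As an added example (not part of the original post) of making the Step 5 check more rigorous from inside the instance: the script reads the instance-profile role name and the temporary credentials' expiry through IMDSv2, confirms via `aws sts get-caller-identity` that API calls really run as `EC2ReadOnlyRole` rather than some other credentials configured on the host, and only then runs the post's `aws iam list-users` check. It assumes the AWS CLI is installed on the instance and that the role name from Step 1 was used.

```python
import json
import subprocess
import urllib.request
from datetime import datetime, timezone

# Added example (not from the original post). Assumes IMDSv2 at the standard
# link-local address, the AWS CLI on PATH, and the role name used in the post.
IMDS = "http://169.254.169.254/latest"
EXPECTED_ROLE = "EC2ReadOnlyRole"

def imds_get(path, token=None, ttl="60"):
    """IMDSv2: obtain a session token via PUT, then GET with the token header."""
    if token is None:
        req = urllib.request.Request(f"{IMDS}/api/token", method="PUT",
                                     headers={"X-aws-ec2-metadata-token-ttl-seconds": ttl})
        with urllib.request.urlopen(req, timeout=2) as r:
            token = r.read().decode()
    req = urllib.request.Request(f"{IMDS}/{path}",
                                 headers={"X-aws-ec2-metadata-token": token})
    with urllib.request.urlopen(req, timeout=2) as r:
        return r.read().decode(), token

def role_from_caller_arn(arn):
    """Role name from an STS assumed-role ARN; None for any other principal."""
    resource = arn.split(":", 5)[5] if arn.count(":") >= 5 else ""
    parts = resource.split("/")
    return parts[1] if parts[0] == "assumed-role" and len(parts) >= 3 else None

def seconds_until_expiry(creds_json, now=None):
    """The IMDS credential document carries 'Expiration' as ISO-8601 UTC ('...Z')."""
    exp = datetime.fromisoformat(json.loads(creds_json)["Expiration"].replace("Z", "+00:00"))
    return int((exp - (now or datetime.now(timezone.utc))).total_seconds())

def main():
    role_name, token = imds_get("meta-data/iam/security-credentials/")
    print("instance profile role:", role_name)
    creds, _ = imds_get(f"meta-data/iam/security-credentials/{role_name}", token)
    print("temporary credentials expire in", seconds_until_expiry(creds), "s")
    ident = subprocess.run(["aws", "sts", "get-caller-identity", "--output", "json"],
                           capture_output=True, text=True, check=True).stdout
    actual = role_from_caller_arn(json.loads(ident)["Arn"])
    if actual != EXPECTED_ROLE:
        raise SystemExit(f"caller is {actual!r}, expected role {EXPECTED_ROLE!r}")
    # The post's check: a read call must succeed under ReadOnlyAccess.
    subprocess.run(["aws", "iam", "list-users", "--max-items", "1"], check=True)
    print("role verified")

if __name__ == "__main__":
    main()
```

If the caller ARN names an IAM user instead of the assumed role, the instance is using long-term keys from a local profile or environment variables, which override the instance profile and defeat the temporary-credential model the conclusion describes.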