Day 18 : Create Read-Only IAM Policy for EC2 Console Access

100 Days of Cloud (AWS)

UpdatedDecember 11, 2025

•1 min read

Day 18 : Create Read-Only IAM Policy for EC2 Console Access

Welcome back to Day 18. Today, we will learn how to create a read-only IAM policy for accessing the EC2 console. You need to create a read-only IAM policy for access to the EC2 console with the name iampolicy_kareem. In this lab you need to create customer-managed policy.

What an IAM Policy Does

It tells AWS:

Who (users, roles, groups, services)
Can do WHAT (actions like s3:PutObject, ec2:StartInstances)
On WHICH resources (ARNs like arn:aws:s3:::my-bucket/*)
Under what CONDITIONS (optional, using Condition block, like IP address restrictions)

Types of IAM Policies

Identity-based policies
Attached to IAM users, groups, or roles.

Resource-based policies
Attached to AWS resources (S3 bucket policy, SNS topic policy).
AWS-managed policies
Predefined by AWS (e.g., AmazonEC2FullAccess).
Customer-managed policies
Policies you create.

Congratulations you did it. It looks good. This lab was successfully completed without any errors. See you in day 19. If you have any issues please let me know I will be happy to assist you. Stay tuned and learn together. If you find my article useful, please kindly like and share it.

#aws #kodekloud #100daysofcloudaws #iam

100 Days of Cloud (AWS)

Part 33 of 50

In this series you will learn how to configure and manage cloud resources using AWS. My intention is to provide an explanation and share the answers for 100 Days of Cloud (AWS) from KodeKloud.

Up next

Day 17 : Create IAM Group

100 Days of Cloud (AWS)

More from this blog

Difference between task role and execution role in AWS ECS

Today, I want to explain the difference between a task role and an execution role in AWS ECS. Yesterday, I set up AWS ECS for a UAT environment and defined both roles. Let me clarify what a task role

Mar 1, 20262 min read

Difference between task role and execution role in AWS ECS

Bridging the Gap: Implementing External Access for Stateful Workloads in Kubernetes

Today, we will learn how to set up a backend API container with PostgreSQL on Kubernetes. In this tutorial, you will learn how to write a multi-stage Docker file, install the MetalLB load balancer, set up the Rancher local path provisioner for storag...

Jan 25, 202612 min read

Bridging the Gap: Implementing External Access for Stateful Workloads in Kubernetes

How to configure GitHub Actions OIDC with AWS ( Simple way )

Today I would like to share how to configure GitHub Actions OIDC with AWS. In this lab, you will learn why we use OIDC for AWS. Traditionally, we use an AWS Access Key ID and Secret Access Key as the authentication method to communicate with AWS serv...

Jan 13, 20262 min read

How to configure GitHub Actions OIDC with AWS ( Simple way )

Day 50: Expanding EC2 Instance Storage for Development Needs

100 Days of Cloud (AWS)

Jan 12, 20261 min read

Day 50: Expanding EC2 Instance Storage for Development Needs

Day 49: Centralized Audit Logging with VPC Peering

100 Days of Cloud (AWS)

Jan 11, 20261 min read

Day 49: Centralized Audit Logging with VPC Peering

Technical 101

68 posts

"Mingalarbar , I am an IT guy from Myanmar who enjoys learning and sharing about Linux, Cloud, Docker & K8s. I am planning to share my expertise with the information technology communities in Burma

Command Palette

What an IAM Policy Does

Types of IAM Policies

100 Days of Cloud (AWS)

Day 17 : Create IAM Group

More from this blog