glitchwizard

Reputation: 552

How to identify service-linked roles in AWS IAM

In AWS there are Service-Linked roles. It looks like over time AWS may have changed their policy regarding how these are identified, and the easiest way I can tell now is by using the Path for each role, with the /aws-service-role indicator in the path.

I am hoping to identify the older Service-Linked roles, but as far as I can tell, one of the only ways to do that is to look for /service-role (not /aws-service-role) in the Path OR look in the policy to see if the Path for the policy says either /service-role or /aws-service-role.

Is this a good way to identify older roles that are service-linked? Are there any better ways?

Also, what is the difference between /service-role and /aws-service-role in the Path of either the role itself, or the policy attached to it?

I can't find any documentation in AWS around what the difference between the Path may indicate.

Upvotes: 1

Views: 918
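
An added example, not part of the original post: a Python sketch that groups roles by the two path prefixes named in the question and lists the service principals each role's trust policy allows, so the two groups can be compared side by side. It assumes input in the JSON shape printed by `aws iam list-roles`; the sample roles, account ID and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape returned by `aws iam list-roles`
# (account ID and role names are placeholders, not real resources).
SAMPLE_LIST_ROLES = json.loads("""
{"Roles": [
  {"Path": "/aws-service-role/elasticloadbalancing.amazonaws.com/",
   "RoleName": "AWSServiceRoleForElasticLoadBalancing",
   "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow",
     "Principal": {"Service": "elasticloadbalancing.amazonaws.com"},
     "Action": "sts:AssumeRole"}]}},
  {"Path": "/service-role/",
   "RoleName": "example-lambda-role",
   "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow",
     "Principal": {"Service": ["lambda.amazonaws.com"]},
     "Action": "sts:AssumeRole"}]}},
  {"Path": "/",
   "RoleName": "example-admin",
   "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "sts:AssumeRole"}]}}
]}
""")

def trusted_services(role):
    """Return the sorted service principals allowed by the role's trust policy."""
    doc = role.get("AssumeRolePolicyDocument") or {}
    stmts = doc.get("Statement", [])
    if isinstance(stmts, dict):          # a single statement may not be wrapped in a list
        stmts = [stmts]
    found = set()
    for stmt in stmts:
        principal = stmt.get("Principal")
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue                     # skips Deny statements and "Principal": "*"
        svc = principal.get("Service", [])
        found.update([svc] if isinstance(svc, str) else svc)
    return sorted(found)

def classify_by_path(role):
    """Label a role by the path prefix discussed in the question."""
    path = role.get("Path", "/")
    if path.startswith("/aws-service-role/"):
        return "aws-service-role"
    if path.startswith("/service-role/"):
        return "service-role"
    return "other"

def report(list_roles_output):
    """Return (RoleName, path label, trusted services) for every role."""
    return [(r["RoleName"], classify_by_path(r), trusted_services(r))
            for r in list_roles_output.get("Roles", [])]
```
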

Answers (0)
