Create IAM Protection Role
Overview
In this following step, we have create an IAM role base on the prervious policy for further use to specify Permission in GuardDuty
- In the IAM interface, select Role from the left navigation bar and Create Role
- In the Select trusted entity, select Custom Trust Policy
- Select the following policy
pl-gd-s3-raw
- Next, select Role name in the Role details section.
In the Trust Policy, paste the previous Trust Relationship in 3.1 section
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "malware-protection-plan.guardduty.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
Review the Role and Create new Role:
Complete create role
