Providing Access to an AWS Service
Many AWS services require that you use roles to control what that service can access. A role that a service assumes to perform actions on your behalf is called a service role. When a role serves a specialized purpose for a service, it can be categorized as a service role for EC2 instances, or a service-linked role. See the AWS documentation for each service to see if it uses roles and to learn how to assign a role for the service to use.
For details about creating a role to delegate access to a service offered by AWS, see Creating a Role to Delegate Permissions to an AWS Service.