AWS SDK for Ruby
Developer Guide

Creating an IAM Role

The following example creates the role my_groovy_role so that Amazon EC2 can access Amazon S3 and Amazon DynamoDB in the us-west-2 region.

require 'aws-sdk-iam' # v2: require 'aws-sdk' client = Aws::IAM::Client.new(region: 'us-west-2') iam = Aws::IAM::Resource.new(client: client) # Let EC2 assume a role policy_doc = { Version:"2012-10-17", Statement:[ { Effect:"Allow", Principal:{ Service:"ec2.amazonaws.com" }, Action:"sts:AssumeRole" }] } role = iam.create_role({ role_name: 'my_groovy_role', assume_role_policy_document: policy_doc.to_json }) # Give the role full access to S3 role.attach_policy({ policy_arn: 'arn:aws:iam::aws:policy/AmazonS3FullAccess' }) # Give the role full access to DynamoDB role.attach_policy({ policy_arn: 'arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess' })