This post explains how to attach an IAM role to an EC2 instance. For attaching a role to EC2 instance, it must be in either running or stopped state.
1. Navigate to IAM console https://console.aws.amazon.com/iam/.
2. In the navigation pane, choose Roles, Create role.
3. On the Select trusted entity page, choose AWS service and for use case select EC2. Click on Next.
4. On the Add permissions page, select the policy as per the requirement, for this tutorial purpose we are using AmazonS3ReadOnlyAccess. Click on Next.
5. Enter the role name and description and click on Create role.
6. Navigate to EC2 console https://console.aws.amazon.com/ec2/
7. Select the instance, choose Actions, Security, Modify IAM role.
8. Select the IAM role created previously and click on Save.