- Newest
- Most votes
- Most comments
The linked documentation tells you how to edit: https://docs.aws.amazon.com/greengrass/v2/developerguide/device-service-role.html#device-service-role-access-s3-bucket.
It is just an IAM role, so you can easily edit the policy and add and remove policies as needed.
AWS IoT Greengrass uses AWS IoT Role Aliases. To change the role associated to the role alias configured for the Greengrass core device you can use the following API: https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html.
You can also perform the operation from the console https://console.aws.amazon.com/iot/home?#/rolealiashub
In my case, the IoT Role Alias has also changed. Is it possible to change the IoT Role Alias (as in the example above, meaning to associate a device with a totally different role alias, a different ARN) after the greengrass core v2 device has been setup ?
Relevant content
- asked 9 months ago
- asked 3 years ago
- Accepted Answerasked 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago
Thanks for the link. I should have specified in my question - rather than adding/removing permissions from the role, is it possible to change the core device service role itself ?
Example: I create a gg v2 core device with the default role.
Later on I create a new role called MyCustomRole. I now want to change the core device service role to MyCustomRole, without re-running the install script. Is this possible ?