Create an IAM role
The role that you create in this step can be assumed by AWS IoT in order to obtain temporary credentials from the AWS Security Token Service (AWS STS). This is done when performing credential authorization requests from the Amazon Kinesis Video Streams Edge Agent.
Create the service role for Amazon Kinesis Video Streams (IAM console)
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/
. -
In the navigation pane of the IAM console, choose Roles, and then choose Create role.
-
Choose the Custom trust policy role type and paste the following policy:
{ "Version": "2012-10-17", "Statement": { "Effect": "Allow", "Principal": { "Service": "credentials.iot.amazonaws.com" }, "Action": "sts:AssumeRole" } }
-
Select the box next to the IAM policy that you created in Create an IAM permissions policy.
-
Choose Next.
-
Enter a role name or role name suffix to help you identify the purpose of this role.
Example:
KvsEdgeAgentRole
-
(Optional) For Description, enter a description for the new role.
-
(Optional) Add metadata to the role by attaching tags as key/value pairs.
For more information about using tags in IAM, see Tagging IAM resources in the IAM User Guide.
-
Review the role and then choose Create role.