Create a service-linked role for Amazon IoT SiteWise

Amazon IoT SiteWise requires a service-linked role to perform certain actions and to access resources on your behalf. A service-linked role is a unique type of Amazon Identity and Access Management (IAM) role that is linked directly to Amazon IoT SiteWise. By creating this role, you grant Amazon IoT SiteWise the necessary permissions to access other Amazon services and resources required for its operation, such as Amazon S3 for data storage or Amazon IoT for device communication.

You don't need to manually create a service-linked role. When you perform the following operations in the Amazon IoT SiteWise console, Amazon IoT SiteWise creates the service-linked role for you.

Create a Greengrass V1 gateway.
Configure the logging option.
Choosing the opt-in button in the execute query banner.

If you delete this service-linked role, and then need to create it again, you can use the same process to recreate the role in your account. When you perform any operation in the Amazon IoT SiteWise console, Amazon IoT SiteWise creates the service-linked role for you again.

You can also use the IAM console or API to create a service-linked role for Amazon IoT SiteWise.

To do so in the IAM console, create a role with the AWSServiceRoleForIoTSiteWise policy and a trust relationship with iotsitewise.amazonaws.com.
To do so using the Amazon CLI or IAM API, create a role with the arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise policy and a trust relationship with iotsitewise.amazonaws.com.

For more information, see Create a service-linked role in the IAM User Guide.

If you delete this service-linked role, you can use this same process to create the role again.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Service-linked role permissions

Update a service-linked role