...
Log in to the AWS console. Open the IAM console, navigate to Access Management > Roles,and click the Create role button.
Select the AWS service as the Trusted entity type, and EC2 as the Use case, and click Next.
In Add permissions policies page, select all or required policies that grant your instances access to the resources and then choose Next. For more information about DynamoDB permissions, refer to DynamoDB Account.
A policy defines the AWS permissions you can assign to a user, group, or role. The permissions can be Custom-managed or AWS-managed and are created or edited in the visual editor and or using JSON.Add tags for resources because this is optional. Then choose Next. Specify a Role name and description in Name review and create page.
Review the details and click Create role.
...