
Create IAM user in AWS

In this article we will go through the steps for creating a user in AWS IAM and attaching existing policies.

Creation of AWS IAM user

Log in to the AWS console and search for the IAM service

Search IAM service

Now we are in the IAM dashboard

IAM Dashboard

Navigate to Users listed on the left and click on Add users

Add user button

User details

  • Enter the username as per the requirement; we can also create multiple users by clicking Add another user

AWS access type

There are 2 access types:

  • Programmatic access – Users created under this access type are able to make API calls and use the AWS CLI. This type creates an access key ID and secret access key for each user; these keys are used to configure the AWS CLI.
  • AWS Console access – Users created under this access type will be able to access the AWS Management console with a password.

Note – Both access types can be selected at the same time

For the console password, choose any 1 as per your requirement:

  • Autogenerated password – Automatically generates a password
  • Custom password – We can set the password

Require password reset – This option makes the user change the password at the time of first sign-in.

IAM user details

Click on Next: Permissions

Set permissions

Now comes the Permissions part. Below are the 3 permission options:

  • Add user to group – This option allows us to add the user to a group that has the policies attached. We can also create a new group by clicking on Create group and add the user to that group.

Steps to create a group in AWS IAM

  1. Click on Create group
  2. Enter the group name, e.g. Ec2_admins
  3. Select the existing policies from the list, e.g. AmazonEC2FullAccess, or create our own set of permissions by clicking on Create policy.

  • Copy permissions from existing user – This option will copy permissions from an existing user to the new user
  • Attach existing policies directly – Select existing policies from the list or create a new one

For this tutorial we will proceed with the first choice, i.e. Add user to group, and create a group as shown in the above steps.

Create group and assign policies

After creating a group, it will appear under the group section; if not, click on the Refresh button

Select your group and proceed with the next step

Select the group

Set permissions boundary (optional)

Click on Next: Tags – Add some tags if needed

Click on Review and then Proceed with Create user

IAM user

Download the credentials file by clicking on Download.csv

Note: This is the first and last time these credentials are available. In case you didn’t download them or lost the secrets, the only remaining option is to regenerate the secrets.

Download.csv consists of information such as User name, Password, Access key id, Secret Access key and Console login link
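Since the downloaded file is the only copy of the secret access key, here is one way to move it into an AWS CLI credentials file with owner-only permissions, as an added example that is not part of the original article. The CSV header names are assumed from the fields listed above, the sample row is constructed, and the function names are hypothetical.

```python
import configparser
import csv
import io
import os
import stat

# Constructed sample of the downloaded CSV. Header names are assumed from the
# fields listed in the article; key values and the account ID are placeholder
# values, not real credentials.
SAMPLE_CSV = (
    "User name,Password,Access key ID,Secret access key,Console login link\n"
    "ec2-admin-1,Constructed-Pass-1!,AKIAIOSFODNN7EXAMPLE,"
    "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY,"
    "https://111122223333.signin.aws.amazon.com/console\n"
)

def read_programmatic_credentials(csv_text):
    """Return {user: (access_key_id, secret)} for rows that carry an access key."""
    found = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Header names are compared case-insensitively.
        row = {k.strip().lower(): (v or "").strip() for k, v in row.items() if k}
        key_id = row.get("access key id", "")
        secret = row.get("secret access key", "")
        if not key_id and not secret:
            continue  # console-only user: programmatic access was not selected
        # IAM user access key IDs start with AKIA; reject anything else.
        if not key_id.startswith("AKIA") or not secret:
            raise ValueError(f"malformed access key for user {row.get('user name')!r}")
        found[row.get("user name", "")] = (key_id, secret)
    return found

def write_profiles(credentials, path):
    """Merge one profile per user into an AWS CLI credentials file, mode 0600."""
    config = configparser.RawConfigParser()  # Raw: no '%' interpolation of secrets
    config.read(path)  # keep profiles that already exist
    for user, (key_id, secret) in credentials.items():
        config[user] = {"aws_access_key_id": key_id, "aws_secret_access_key": secret}
    # Create with owner-only permissions so the secret is never world-readable.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        config.write(handle)
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)  # also tighten a pre-existing file
    return sorted(config.sections())

if __name__ == "__main__":
    import tempfile
    target = os.path.join(tempfile.mkdtemp(), "credentials")
    print(write_profiles(read_programmatic_credentials(SAMPLE_CSV), target))
```

Only profile names are printed, never the secret. Once the profile is written, the CSV itself can be deleted or moved to a secrets manager.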

Conclusion

In this article we learned how to create users in AWS with 2 access types, i.e. Programmatic access and AWS Management console access. We also saw the groups concept and how to choose the permissions as per the requirement.