In the previous post we covered what IAM is, the IAM components, and IAM roles vs. users. In this post we will see how to create an IAM user in AWS, as a complete hands-on lab where we create the user step by step.
So let’s get started.
You can create one or more IAM users in your AWS account. You might create an IAM user when someone joins your team, or when you create a new application that needs to make API calls to AWS.
Step 1: Log in to the AWS Console and select IAM from Services.
You should be able to see IAM Dashboard as shown below.
Step 2: We’ve already seen what Users, Groups, Roles and Policies are in our previous post. If you’re not familiar with them, kindly go through my previous lectures.
Step 3: Tap on Users in the left pane and you should see the screen below.
Step 4: Tap on Add User and fill out the details.
Access Type: There are two types of access: Programmatic and AWS Console. Based on the work the user will be doing, you can give one or both.
Console Password: The password the user needs when logging in.
Require Password Reset: This option makes the user change the password once they log in.
Step 5: Tap on next -> Permissions
Add user to group: Here you can add the new user to an existing group so that the policies attached to the group are given to the user. Since there are no groups yet, you don’t see any group listed here.
Copy Permissions from Existing User: Here the new user gets the permissions of an existing user, so basically we’re attaching the existing user’s policies to the new user. Since there are no users yet, you don’t see any user listed here.
Attach Existing Policies: AWS has created some policies which we can attach to the new user; we can also create our own policies and attach them to the user.
So here we are going to give AmazonEC2FullAccess to our user.
Step 6: Tap Next and add tags, such as name, project, user role, etc.
Step 7: Tap on review and verify all the details as shown below.
Step 8: Tap on Create User. Do not forget to download the .csv file.
Step 9: Open the .csv file. In it you can see the user name is Aditya_Malviya; the password is not present because we’ve asked the user to change the password once logged in. It also contains the access key ID and secret access key for AWS CLI login, and the console link from which the user can log in.
Step 10: Copy the console login link and open it in another browser.
You should see the “Sign in as IAM user” page. Enter the credentials that were used for your account.
Step 11: Enter the new password and log in.
Step 12: Now you are logged in to the AWS Console. If you remember, we gave only the EC2FullAccess permission, so open EC2 from Services and you will have complete access over it. Now check RDS, S3 or any other service: you won’t be able to perform any actions.
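The same procedure scripted with boto3, as an added example that is not part of the original post: it creates the user with a forced password reset, attaches AmazonEC2FullAccess, issues an access key, and then checks the Step 12 result with IAM's policy simulator instead of clicking through services. The function names, the `iam` client argument and the `allowed_prefixes` default are assumptions made for illustration.

```python
# Added example (not from the original post): the console steps as boto3 IAM calls.
# `iam` is a boto3 IAM client supplied by the caller, e.g. boto3.client("iam").

EC2_FULL_ACCESS = "arn:aws:iam::aws:policy/AmazonEC2FullAccess"  # policy chosen in Step 5


def create_iam_user(iam, user_name, temp_password, tags=None):
    """Steps 4-8: user, console password with forced reset, policy, access key."""
    kwargs = {"UserName": user_name}
    if tags:  # Step 6: optional tags such as project or role
        kwargs["Tags"] = [{"Key": k, "Value": v} for k, v in tags.items()]
    user = iam.create_user(**kwargs)["User"]
    # "Require password reset": the temporary password must be changed at first sign-in.
    iam.create_login_profile(
        UserName=user_name, Password=temp_password, PasswordResetRequired=True
    )
    iam.attach_user_policy(UserName=user_name, PolicyArn=EC2_FULL_ACCESS)
    # Programmatic access: the secret is returned only by this call, so store it safely.
    key = iam.create_access_key(UserName=user_name)["AccessKey"]
    return {
        "arn": user["Arn"],
        "access_key_id": key["AccessKeyId"],
        "secret_access_key": key["SecretAccessKey"],
    }


def check_permissions(iam, user_arn, actions):
    """Step 12: ask the IAM policy simulator how each action would be decided."""
    resp = iam.simulate_principal_policy(PolicySourceArn=user_arn, ActionNames=actions)
    return {r["EvalActionName"]: r["EvalDecision"] for r in resp["EvaluationResults"]}


def unexpected_access(decisions, allowed_prefixes=("ec2:",)):
    """Actions that are allowed but lie outside the services the user should have."""
    return sorted(
        action for action, decision in decisions.items()
        if decision == "allowed" and not action.startswith(allowed_prefixes)
    )
```

Call `check_permissions` with actions such as `ec2:DescribeInstances`, `s3:ListAllMyBuckets` and `rds:DescribeDBInstances`; an empty list from `unexpected_access` confirms the user can reach only the services intended.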
So this was an in-depth tutorial on how to create a user. Do shoot out in the comment section if you have any queries.