How to use an IAM user in AWS to access EC2 and an S3 bucket via the CLI
Brief description of IAM
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. It allows you to manage permissions and policies to determine who is authenticated (signed in) and authorized (has permissions) to use resources.
Using IAM in AWS provides several important benefits that enhance the security, management, and operational efficiency of your AWS environment.
Using IAM in AWS involves several key steps, including creating users, groups, roles, policies and identity providers.
Log in to the AWS Management Console, type IAM in the search bar and click on IAM. It redirects you to the IAM dashboard.
In the left side panel, click on 'Users'. It will redirect you to the 'create user' page.
Once you click on create user, you will be asked to type a user name. In my case I used 'IAM-User-1'. Remember, do not tick the checkbox, because we are accessing the resources via the CLI, not via the console.
Attach an IAM policy for the resource access. In my case, I want to access EC2 and an S3 bucket via the CLI with the help of the IAM user.
Now the policy has been attached.
Next, the user is created successfully.
Create an access key. The access key is required to log in as the IAM user on the local machine as well as on an EC2 instance. To do this, click on the created user and open 'Security credentials', where we need to click on 'Create access key'.
Provide an access key name. In my case I named my access key 'my-access-key'.
Here, we want to access EC2 and S3 via the CLI, so we use the 'access key' to let the AWS CLI log in to my AWS account. At the bottom, tick the confirmation checkbox and proceed.
Now we have successfully created the access key and secret access key. Download the CSV file for future use.
Download and install 'awscliv2' on the local machine or EC2 instance.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
Now configure the AWS CLI for the IAM user. Provide your access key, secret access key and the region for EC2 access, leave the output format empty and press Enter.
Create an S3 bucket (the bucket name should be unique). I have created one folder and uploaded one file inside the folder and one outside it.
My bucket name is 'my-bucket-102'. Inside the bucket there is a folder 'ajay-123' and one file '11.Aws-cli-configure.png'. Inside the folder there is a file '1.png'.
When I typed the 'aws s3 ls' command before creating a bucket, I didn't get any output. Once I created the bucket, the second time I got the output.
ajay@AJ-92-Desktop:~$ aws s3 ls
ajay@AJ-92-Desktop:~$
ajay@AJ-92-Desktop:~$ aws s3 ls
2024-08-03 19:38:51 my-bucket-102
ajay@AJ-92-Desktop:~$ aws s3 ls my-bucket-102
PRE ajay-123/
2024-08-03 19:39:40 15663 11.Aws-cli-configure.png
ajay@AJ-92-Desktop:~$ aws s3 ls my-bucket-102/ajay-123/
2024-08-03 19:39:13 0
2024-08-03 19:40:10 99024 1.jpg
ajay@AJ-92-Desktop:~$
Now we can see the details of my EC2 instance in the AWS Management Console. Here you can check my public IP (13.201.75.76) and private IP (172.31.2.49).
Now we can access the same details using CLI commands.
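The policy attached to the IAM user decides what a long-lived access key can do if it is ever exposed, so it is worth checking how broad that policy is. The following is an added example, not code from the original post: it audits a policy document for wildcard grants and compares a constructed full-access policy with one scoped to the calls shown above. The policy contents, the UNSCOPABLE allowlist and the use of ec2:DescribeInstances for the EC2 lookup are assumptions.

```python
import json

# Constructed policies (not from the original post). BROAD mirrors a
# full-access grant; SCOPED covers only the CLI calls shown on this page.
BROAD = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "ec2:*"], "Resource": "*"}
    ],
}
SCOPED = {
    "Version": "2012-10-17",
    "Statement": [
        # 'aws s3 ls' with no bucket argument
        {"Effect": "Allow", "Action": "s3:ListAllMyBuckets", "Resource": "*"},
        # 'aws s3 ls my-bucket-102' and 'aws s3 ls my-bucket-102/ajay-123/'
        {"Effect": "Allow", "Action": "s3:ListBucket",
         "Resource": "arn:aws:s3:::my-bucket-102"},
        # Assumed call for reading instance details from the CLI
        {"Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*"},
    ],
}

# Actions that cannot be limited to a resource ARN, so "*" is expected.
# Assumption: a short allowlist that covers this example only.
UNSCOPABLE = {"s3:ListAllMyBuckets", "ec2:DescribeInstances"}

def as_list(value):
    """IAM allows a single string or a list for Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]

def audit(policy):
    """Return (statement index, action, reason) for over-broad Allow grants.
    Statements using NotAction/NotResource are not evaluated here."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        resources = as_list(stmt.get("Resource", []))
        for action in as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append((i, action, "wildcard action"))
            elif "*" in resources and action not in UNSCOPABLE:
                findings.append((i, action, "action allowed on every resource"))
    return findings

if __name__ == "__main__":
    for name, policy in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, json.dumps(audit(policy)))
```
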
Written by
ajay singh