AWS: Creating and Managing IAM Users in AWS: A Step-by-Step Guide
IAM Users:
IAM users are created within an AWS account and represent a person or application that interacts with AWS services.
Each IAM user has a unique name within the AWS account and can be assigned permissions via policies.
So, we need to create users who can access AWS services. These users will have access to the AWS services listed below:
If I create an IAM user, this user will have access to AWS EC2 services and AWS S3 services.
The user can access AWS services using the management console, AWS CLI, or SDK.
All this is configured under AWS IAM. For these users to access these services, they need permissions. To assign permissions, we attach policies either to the groups the users belong to or to roles that they will assume.
Steps to create IAM user:
Log in to AWS using root credentials and search for the IAM service. Click on IAM.
On the IAM dashboard page, click on "Users" from the left panel.
On the Users page, click on the "Create User" button.
Provide a user name and, if you want to give AWS console access, check the box "Provide user access to the AWS Management Console - optional" and select the radio button "I want to create an IAM user".
Provide a custom password and ensure the checkbox is checked for "Users must create a new password at next sign-in - Recommended". Click on the Next button.
Leave the defaults, as we are neither attaching any policy nor adding the user to any group:
Leave the page as is and click on the "Create user" button.
The user is successfully created.
Let's log in with this IAM user and check whether I am able to log in to bob's account.
Copy the Account ID from the root user drop-down.
Open an incognito window and go to the AWS login page. Select the "IAM user" radio button and paste the copied Account ID.
Provide the IAM username and password.
Enter the old password and the new password.
Successfully logged in to the IAM user named "bob".
Now, close this incognito window and return to the root's login page.
Steps to switch to IAM User "bob" on CLI.
Search for the CloudShell service and click on it to open the shell.
In the shell, we will first check which identity we are using by running the command "aws sts get-caller-identity".
This command shows me that I am using the root user identity.
To switch to the new IAM user, I will use the command "aws configure".
It will then ask for an access key, so let's first create the access key. For this, go to the IAM Users page and click on user bob.
Click on Security Credentials, scroll down to the Access Keys section, and click on the "Create access key" button.
Select "Command Line Interface (CLI)" and click the "Next" button.
Click on the "Create access key" button.
Copy the access key and secret access key, then provide them to the command "aws configure".
Now, the identity has been switched to user bob successfully. Check the following screenshot for the same.
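A check that could follow the identity switch above, as an added example that is not part of the original post: it classifies the ARN returned by `aws sts get-caller-identity` as root, IAM user or assumed role, so a script can stop when it is still running as root. The function names and the sample ARNs (placeholder account ID 123456789012) are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: classify the caller identity from its ARN.

# Print "<kind> <account-id> <name>" for an ARN; return 1 if unrecognised.
classify_arn() {
    local arn="$1" a p service region account resource
    # ARN layout: arn:partition:service:region:account-id:resource
    IFS=: read -r a p service region account resource <<EOF
$arn
EOF
    case "$service:$resource" in
        iam:root)           echo "root $account -" ;;
        # IAM user names may carry a path (user/team/bob); keep the last part.
        iam:user/*)         echo "iam-user $account ${resource##*/}" ;;
        sts:assumed-role/*) resource=${resource#assumed-role/}
                            echo "assumed-role $account ${resource%%/*}" ;;
        *)                  echo "unknown - -"; return 1 ;;
    esac
}

# Succeed only when the ARN is a recognised non-root identity.
# Returns 1 for the root user and 2 for an ARN that cannot be classified.
require_non_root() {
    local info
    info=$(classify_arn "$1") || { echo "unrecognised ARN: $1" >&2; return 2; }
    case "$info" in
        root\ *) echo "still using the root identity: $1" >&2; return 1 ;;
    esac
    echo "ok: $info"
}

# Live use in CloudShell or after "aws configure" (not executed here):
#   require_non_root "$(aws sts get-caller-identity --query Arn --output text)"

# Constructed sample ARNs: the identity before and after the switch to bob.
for arn in "arn:aws:iam::123456789012:root" \
           "arn:aws:iam::123456789012:user/bob"; do
    require_non_root "$arn" || true
done
```
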
Written by
Vandana Pandit