A Step-by-Step Guide to Create IAM Users for Beginners

Shivam DubeyShivam Dubey
4 min read

Table of contents

If you are new to AWS, one of the first things you should learn is how to manage access to your AWS resources securely. AWS Identity and Access Management (IAM) helps you control who can access your AWS environment. In this guide, we will walk you through how to create a group, add a user, and assign permissions step by step.

Step 1: Sign In to the AWS Management Console

  1. Go to AWS Management Console.

  2. Sign in with your root account or an IAM user with administrative permissions.

Note: It is recommended not to use the root account for everyday tasks. Instead, create IAM users for better security.

Step 2: Navigate to IAM Dashboard

  1. From the AWS Management Console, type IAM in the search bar and click on IAM to open the IAM Dashboard.

  2. Here, you can manage users, groups, roles, and policies.

Step 3: Create a New IAM Group

An IAM Group is a collection of users who share the same permissions. For example, you can create groups like Developers, Admins, or Testers.

  1. On the IAM Dashboard, click on Groups from the left navigation panel.

  2. Click on the Create group button.

  3. Enter a Group Name (e.g., Admins or Developers).

  4. Next, you will see a list of policies. You can attach permissions (policies) to this group. For beginners, you can select AdministratorAccess for full permissions or choose specific policies like AmazonS3ReadOnlyAccess if you want to give limited access.

    • To add a policy, click the checkbox next to the policy name.

    • Click Next to proceed.

  5. Click Create group to finish.

Your new group is now created, and you can move on to adding users.

Step 4: Create a New IAM User

An IAM User represents an individual who needs access to AWS resources.

  1. From the IAM Dashboard, click on Users in the left navigation pane.

  2. Click the Add users button.

  3. Enter a User Name (e.g., john_doe or developer1).

  4. Choose the type of access:

    • AWS Management Console Access: For users who need to log in to the AWS Console.

    • Programmatic Access: For users who need API, CLI, or SDK access.

For beginners, select both options if you're unsure.

  1. Click Next: Permissions.

Step 5: Assign User to a Group

Now, let's add the user to the group we created earlier.

  1. On the Set Permissions page, select Add user to group.

  2. Check the box next to the group you created (e.g., Admins or Developers).

  3. Click Next.

Step 6: Review and Create the User

  1. Review the user details on the Review page.

  2. Click Create user to finish.

AWS will display a success message with the user’s Access Key ID and Secret Access Key. This information is only shown once, so make sure to download the .csv file or copy it to a secure location.

Step 7: Share Login Information with the User

If you created a user with AWS Management Console Access, share the following details with the user:

  1. The AWS Console URL (found on the IAM Dashboard).

  2. The User Name.

  3. The Password (you set or the temporary password provided).

For users needing Programmatic Access, provide the Access Key ID and Secret Access Key for API, CLI, or SDK usage.

Step 8: Verify Access

  1. Have the user log in using the AWS Console link and the credentials provided.

  2. Test the access by trying to navigate to a service like S3 or EC2 to ensure the permissions are working as expected.

Best Practices for IAM

  • Enable MFA (Multi-Factor Authentication): This adds an extra layer of security.

  • Use Groups for Permissions: Instead of assigning policies directly to users, use groups to simplify management.

  • Follow the Principle of Least Privilege: Only give permissions that are necessary for the task.

  • Rotate Access Keys Regularly: Regularly update and replace access keys for better security.

Conclusion

Congratulations! You have successfully created an IAM Group, added a user, and assigned permissions. IAM is a powerful tool that helps you control access to your AWS environment. By following best practices, you can ensure your AWS resources are secure and well-managed.

For more detailed information, check the AWS IAM Documentation to learn more about advanced features and policies.

Stay tuned with us for more aws articles and blogs.

0
Subscribe to my newsletter

Read articles from Shivam Dubey directly inside your inbox. Subscribe to the newsletter, and don't miss out.

secure iamsecure aws iamAWSAWS IAMSecure

Written by

Shivam Dubey
Shivam Dubey