Amazon Computer Services
Creating IAM Users
Creating an AWS IAM user using the AWS dashboard
The steps for Creating IAM Users using the AWS dashboard are discussed as follows:
- Sign in to the AWS Management Console with the appropriate credentials. The IAM user must have sufficient privileges to create IAM resources (that is, user, group, policy, and so on). In the case of a fresh AWS account, you need to log in with the root credentials. It will take the user to the AWS dashboard.
- Select IAM under Security, Identity & Compliance group from the AWS dashboard. It will take the user to the IAM dashboard.
- Select Users and click Add user. It displays the following screen:
- Provide a meaningful and relevant User name to resemble a real-world entity. It will help to easily identify the correct user when performing day-to-day maintenance activity.A valid username can have only alphanumeric characters or _+=,. @- symbols. It is also possible to add multiple users (max ten users) at the same time by clicking on the Add another user link given next to the User name textbox, as shown in the preceding figure.
- After entering the username, we must select the Access type. We want to choose at least one option. It is also possible to select both options. Usually, Programmatic access is preferred for authentication through an access key and a secret key while using APIs, SDKs, and CLI.For individual users, ideally, AWS Management Console access is selected. If we select Programmatic access, we can proceed to step 7. If we select AWS Management Console access, it displays more options on the same screen, as shown in the following figure.
- If we select the AWS Management Console access type, it allows us to configure the Autogenerated password or Custom password for the user. Also, the IAM administrator can force a user to reset the password on the next login by selecting options for the same, as shown in the preceding figure. After selecting the required options, select the Next: Permission button.
- We can now see the screen with three options to assign permissions to the user, as shown in the following figure. We can create a group and add the user to a new group, or we can add the user to an existing group. It is recommended that we add a user to any group for better user management and access control; however, it is not mandatory. A user can be added to any group in the future without any requirement:
- The next step is to assign permissions to the newly created user. For authorizing permissions to the user, we can either Copy permissions from an existing user or connect existing policies directly, as display in the preceding figure.By default, newly created users do not have any privileges in the AWS platform, until and unless the appropriate policy is attached to the user ID. Any permissions we grant to a user can be modified at a later stage. After adding the user to an appropriate group or policy, we can click on the Next: Review button.
- Verify the details when the final review page appears. If any ambiguity is there, you can perform modifications by going to the previous pages. It is also possible to modify the user’s property after it is created. In worst-case scenarios, an existing user can be deleted and recreated.
- Finally, click on Create to create an IAM user.