In AWS (Amazon Web Services), an IAM (Identity and Access Management) user is an entity created within your AWS account that represents a person or service that interacts with AWS resources. Each IAM user has its own credentials (username, password, and access keys) and can be assigned permissions to perform specific actions on AWS resources.
Key Components of IAM:
Users: Individual accounts that represent people or services. Each user has a unique set of security credentials.
Groups: Collections of IAM users. You can attach policies to groups, which makes it easier to manage permissions for multiple users.
Roles: Used to grant permissions to AWS services or applications running on AWS (like EC2 instances). Roles are assumed by users or services and are not directly assigned to them.
Policies: Documents that define permissions and can be attached to users, groups, or roles. Policies specify what actions are allowed or denied on what resources.
Why Use IAM Users:
Security: By creating individual IAM users, you avoid sharing passwords or access keys. Each user can have unique credentials, reducing security risks.
Granular Permissions: IAM allows you to define fine-grained permissions for each user, ensuring they have only the access they need to perform their tasks.
Audit and Monitoring: AWS CloudTrail and other monitoring services can track the actions performed by each IAM user, providing a detailed audit trail.
Centralized Management: IAM allows for centralized management of access and permissions, making it easier to update or revoke access as needed.
Least Privilege Principle: By granting only the necessary permissions to each user, you can adhere to the principle of least privilege, which minimizes the risk of unintended access to sensitive resources.
Here’s a step-by-step guide to creating an IAM user and an access key for it:
Step 1: Set Up an AWS Account (if you don't have one)
Sign Up for AWS: Go to AWS and sign up for an account.
Log In to the AWS Management Console: Once you have an account, log in to the AWS Management Console.
Step 2: Navigate to the IAM Dashboard: From the AWS Management Console, click on "Services" and then select "IAM" under the "Security, Identity, & Compliance" section.
- Click on "Users"
- Click on "Create Users"
- Enter a "Username" and click "Next" (tick the checkbox if you want to give the user access to the "Management console")
- Select "Attach policy directly"
- Set permission
- Click on "Next"
- Click on "Create User"
- Click on the user you just created
- Click on "Security Credentials"
- Scroll down to "Access Key" and click "Create access key"
- Select "CLI" as the use case, tick the "Confirmation" checkbox, and click "Next"
- Click on "Create access key"
- Copy the "Access key" and "Secret access key" and save them somewhere safe for later use, or use "Download .csv"
IAM is a critical component of AWS security and helps you manage who can access your AWS resources and what they can do with those resources.
Thank you 🙏
Keep Learning..