Skip to main content

Creating IAM User Accounts

What is IAM?

IAM (Identity and Access Management) is a component of AWS which manages Users, Groups, Policies, and Roles to control access permissions to your various services within your AWS environment.
Here is where you can create User accounts, add them to groups that have attached permissions to control access or create policies or roles that you can attach to trusted entities to give them access to services within your environment.  

For more details on IAM checkout this link: AWS Identity and Access Management (IAM)

In this article I will demonstrate how to create an administrator account that you can use to launch services in AWS.  In my previous post I mentioned that it is advised that you do not use your Master or Root account to perform these functions but instead use a separate Administrator account for the purpose of launching services.  The Master account should be used to manage Budgets, setup CloudWatch monitoring and consolidate child accounts under your entire Organization.  I will talk more about AWS Organizations and the uses of the Master accounts in another article soon.

Here are the steps to follow in creating an IAM Administrator account:

  1. Login to the AWS console using your Root account.  Click "Services" and then click "IAM"
  2. On the left hand side click on "Users".  Here you will see the "Add User" button.  Click on that to start the process of creating the account.
  3. On the Add User form, enter the User Name you wish to give your account and then select the type of access for it.  There are 2 choices for the Access Type,  Programmatic - (access through AWS API, CLI, SDK or other Dev tools only) or AWS Management Console - (access through Management Console only).  Choose the appropriate type depending on how this user will interact with AWS. (In this example I chose both and left the other choices on default). Click the "Next: Permissions" button to proceed.
     
  4. This will then take you to the section where you can add the user to a group in order to control it's permissions.  If you have not created any group yet there will be nothing to choose from. Check out the previous article on creating IAM Groups if you haven't created one yet. 
  5. Now select the group to add the user account to.  Then click the "Next: Review" button.
     
  6. Review the settings and then click the "Create User" button.
     
  7. You have now created the user successfully.  In this window you will see the login link to your account.  Copy that and provide it to whoever will use the account.  That will be the link to use when logging in to AWS using this user account.  You also have the option on this page to send the login instructions via email. Click "Download.csv" to download the account details on your computer. Note that for Console Access you use the Username and Password and for Programmatic Access you use the Access Key ID and Secret Access Key.  
  8. You can now login for the first time using this account.  Follow the link provided and then enter the Username and temporary password. Then click Sign in.
     
  9. If you have chosen the option to require password reset on first login you will be asked to reset the password.  Provide your new password and then confirm the password change.
  10. You have now created a User account in AIM. 
  
Next I will talk about Roles, how they are used and how to create them. So stay tuned...


    


Labels:

Comments

Post a Comment

Popular posts from this blog

AWS Business Applications

The Business Applications category lists services that supports business productivity functions. Here is the list of the available services in this category. Alexa for Business        - Alexa for business makes it easy for you to use Alexa in your organization.  It gives you the tools you need to manage Alexa devices, enroll your users, and assign skills at scale.  You can build youe own context-aware voice skills using Alexa Skills Kit, and the Alexa for Business APIs, and you can make therse available as provate skills for your organization.  Alexa for Business also makes it easy to voice-enable your products and services, providing contect-aware voice experiences for your customers. Amazon Chime        - Amazon Chime is a secure, real-time, unified communications service that transforms meetings by making them more efficient and easier to conduct.  The service delivers high-quality audio and video through an applicati...
Post a Comment
Read more

AWS Builders' Day in Calgary!

Good new my fellow Calgarians! AWS is hosting a full day technical event here in Calgary. The details of the event are as follows: Date: April 30, 2019 (Tuesday) Time: 9:00 am - 5:00 pm (Mountain Time) Location: Delta Hotel by Marriott - Downtown Calgary                  209 4th Ave SE, Calgary AB T2G 0C6 ( view map ) Additional info:   This is an all day free event.  breakfast and lunch will be provided. What to expect from the event: In this event you will get a chance to build Intelligent Data Lakes using AWS Big Data & Analytics and AI/ML Services that you can definitely take back and use in your organization.  There will be multiple Deep dive sessions on the related services as well as workshops to allow you to have a hands on feel of the technology. By the end of the day,  you would have built yourself a functional cloud-native and future-proof Serverless data lake architecture. AWS Technologi...
Post a Comment
Read more

AWS Services Updates & New Services (2019)

It has been a while since I last posted the list of AWS Services.  Since then, there has been significant changes in their service offerings.  Here is a list of all the changes and new services released to date. It's been organized by Categories for you. AWS Game Development: -  No changes or additional new services AWS IoT - IoT Device Defender - IoT Events - IoT SiteWise - IoT Things Graph AWS Desktop & App Streaming (Now: End User Computing) - WorkDocs - WorkLink AWS Business Productivity (Now: Business Applications) -  WorkDocs has been removed from this category and transferred to End User Computing AWS Customer Engagement -  No changes or additional new services AWS Application Integration Services -  No changes or additional new services AWS AR & VR Services -  No changes or additional new services AWS Mobile Services - AWS Amplify - Mobile SDK for Android - Mobile SDK fo...
Post a Comment
Read more