
Creating IAM User Accounts

What is IAM?

IAM (Identity and Access Management) is a component of AWS which manages Users, Groups, Policies, and Roles to control access permissions to your various services within your AWS environment.
Here you can create User accounts and add them to groups whose attached permissions control access, or create policies and roles that you attach to trusted entities to give them access to services within your environment.

For more details on IAM, check out this link: AWS Identity and Access Management (IAM)

In this article I will demonstrate how to create an administrator account that you can use to launch services in AWS.  In my previous post I mentioned that it is advised that you do not use your Master or Root account to perform these functions but instead use a separate Administrator account for the purpose of launching services.  The Master account should be used to manage Budgets, set up CloudWatch monitoring and consolidate child accounts under your entire Organization.  I will talk more about AWS Organizations and the uses of the Master accounts in another article soon.

Here are the steps to follow in creating an IAM Administrator account:

  1. Log in to the AWS console using your Root account.  Click "Services" and then click "IAM".
  2. On the left hand side click on "Users".  Here you will see the "Add User" button.  Click on that to start the process of creating the account.
  3. On the Add User form, enter the User Name you wish to give your account and then select the type of access for it.  There are 2 choices for the Access Type,  Programmatic - (access through AWS API, CLI, SDK or other Dev tools only) or AWS Management Console - (access through Management Console only).  Choose the appropriate type depending on how this user will interact with AWS. (In this example I chose both and left the other choices on default). Click the "Next: Permissions" button to proceed.
     
  4. This will then take you to the section where you can add the user to a group in order to control its permissions.  If you have not created any group yet there will be nothing to choose from. Check out the previous article on creating IAM Groups if you haven't created one yet.
  5. Now select the group to add the user account to.  Then click the "Next: Review" button.
     
  6. Review the settings and then click the "Create User" button.
     
  7. You have now created the user successfully.  In this window you will see the login link to your account.  Copy that and provide it to whoever will use the account.  That will be the link to use when logging in to AWS using this user account.  You also have the option on this page to send the login instructions via email. Click "Download .csv" to download the account details to your computer. Note that for Console Access you use the Username and Password, and for Programmatic Access you use the Access Key ID and Secret Access Key.
  8. You can now log in for the first time using this account.  Follow the link provided and then enter the Username and temporary password. Then click Sign in.
     
  9. If you have chosen the option to require password reset on first login you will be asked to reset the password.  Provide your new password and then confirm the password change.
  10. You have now created a User account in IAM.
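
A follow-up check once the account exists, as an added example that is not part of the original post: the Python below reads an IAM credential report (the CSV produced by `aws iam generate-credential-report`) and lists Root usage plus any access type from step 3 that was granted but never used. The sample report, user names and account ID are constructed, and only a subset of the report's columns is included.

```python
import csv
import io

# Constructed sample laid out like an IAM credential report (subset of columns).
# User names, timestamps and the account ID are made up for illustration.
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_used,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,arn:aws:iam::111122223333:root,not_supported,2019-04-02T15:10:00+00:00,true,2019-04-01T09:00:00+00:00,false,N/A
admin-user,arn:aws:iam::111122223333:user/admin-user,true,2019-04-03T08:30:00+00:00,true,N/A,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,N/A,true,2019-04-03T07:00:00+00:00,false,N/A
"""

# Values the report uses when a credential has never been used.
NEVER = {"N/A", "no_information"}


def audit(report_text):
    """Return (user, finding) pairs for Root usage and unused access types."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_text)):
        user = row["user"]
        active_keys = [n for n in ("1", "2")
                       if row[f"access_key_{n}_active"] == "true"]

        if user == "<root_account>":
            # Root should not be the account used to launch services.
            if active_keys:
                findings.append((user, "root has an active access key"))
            if row["password_last_used"] not in NEVER:
                findings.append(
                    (user, "root console sign-in at " + row["password_last_used"]))
            continue

        # Programmatic access chosen in step 3 but never exercised.
        for n in active_keys:
            if row[f"access_key_{n}_last_used_date"] in NEVER:
                findings.append(
                    (user, f"access key {n} is active but has never been used"))

        # Console access chosen in step 3 but never exercised.
        if row["password_enabled"] == "true" and row["password_last_used"] in NEVER:
            findings.append((user, "console password set but never used"))
    return findings


if __name__ == "__main__":
    for user, finding in audit(SAMPLE_REPORT):
        print(f"{user}: {finding}")
```
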
  
Next I will talk about Roles, how they are used and how to create them. So stay tuned...


    

