
Creating IAM User Accounts

What is IAM?

IAM (Identity and Access Management) is the AWS component that manages Users, Groups, Policies, and Roles to control access to the various services within your AWS environment.
Here is where you can create User accounts, add them to groups that have attached permissions to control access, or create policies or roles that you can attach to trusted entities to give them access to services within your environment.

For more details on IAM, check out this link: AWS Identity and Access Management (IAM)

In this article I will demonstrate how to create an administrator account that you can use to launch services in AWS. In my previous post I mentioned that it is advised that you do not use your Master or Root account to perform these functions but instead use a separate Administrator account for the purpose of launching services. The Master account should be used to manage Budgets, set up CloudWatch monitoring and consolidate child accounts under your entire Organization. I will talk more about AWS Organizations and the uses of the Master accounts in another article soon.

Here are the steps to follow in creating an IAM Administrator account:

  1. Log in to the AWS console using your Root account. Click "Services" and then click "IAM".
  2. On the left-hand side, click on "Users". Here you will see the "Add User" button. Click on that to start the process of creating the account.
  3. On the Add User form, enter the User Name you wish to give your account and then select the type of access for it. There are 2 choices for the Access Type: Programmatic (access through AWS API, CLI, SDK or other Dev tools only) or AWS Management Console (access through Management Console only). Choose the appropriate type depending on how this user will interact with AWS. (In this example I chose both and left the other choices on default.) Click the "Next: Permissions" button to proceed.
     
  4. This will then take you to the section where you can add the user to a group in order to control its permissions. If you have not created any group yet, there will be nothing to choose from. Check out the previous article on creating IAM Groups if you haven't created one yet.
  5. Now select the group to add the user account to.  Then click the "Next: Review" button.
     
  6. Review the settings and then click the "Create User" button.
     
  7. You have now created the user successfully. In this window you will see the login link to your account. Copy that and provide it to whoever will use the account. That will be the link to use when logging in to AWS using this user account. You also have the option on this page to send the login instructions via email. Click "Download .csv" to download the account details to your computer. Note that for Console Access you use the Username and Password, and for Programmatic Access you use the Access Key ID and Secret Access Key.
  8. You can now log in for the first time using this account. Follow the link provided and then enter the Username and temporary password. Then click Sign in.
     
  9. If you have chosen the option to require password reset on first login you will be asked to reset the password.  Provide your new password and then confirm the password change.
  10. You have now created a User account in IAM.
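
The same procedure can be scripted with the AWS CLI, with the access type from step 3 as an explicit choice so a user only gets the credentials it needs. This is an added example, not part of the original post: it assumes the AWS CLI is installed and configured with credentials allowed to manage IAM, and the function names, the `DRY_RUN` and `TEMP_PASSWORD` variables, and the user and group names are hypothetical.

```bash
# Added example (not from the original post): steps 2-9 done with the AWS CLI.
# DRY_RUN=1 prints each command instead of calling AWS.
run_aws() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf 'aws %s\n' "$*"
  else
    aws "$@"
  fi
}

# create_iam_user USER GROUP [console|programmatic|both]
create_iam_user() {
  local user="${1:-}" group="${2:-}" access="${3:-console}" pw=""
  if [ -z "$user" ] || [ -z "$group" ]; then
    echo "usage: create_iam_user USER GROUP [console|programmatic|both]" >&2
    return 2
  fi
  case "$access" in
    console|programmatic|both) ;;
    *) echo "unknown access type: $access" >&2; return 2 ;;
  esac
  if [ "$access" != "programmatic" ]; then
    # The temporary console password comes from TEMP_PASSWORD and is checked
    # before anything is created; dry runs never echo it.
    pw="${TEMP_PASSWORD:-}"
    if [ "${DRY_RUN:-0}" = "1" ]; then pw='<redacted>'; fi
    if [ -z "$pw" ]; then echo "set TEMP_PASSWORD first" >&2; return 2; fi
  fi

  # Step 4: permissions come from the group, so stop early if it is missing.
  run_aws iam get-group --group-name "$group" \
    --query Group.GroupName --output text || return 1
  # Steps 3 and 5: create the user and add it to the group.
  run_aws iam create-user --user-name "$user" || return 1
  run_aws iam add-user-to-group --user-name "$user" --group-name "$group" || return 1

  if [ "$access" != "programmatic" ]; then
    # Console access: password must be changed at first sign-in (step 9).
    run_aws iam create-login-profile --user-name "$user" \
      --password "$pw" --password-reset-required || return 1
  fi
  if [ "$access" != "console" ]; then
    # Programmatic access: the secret access key appears only in this output.
    run_aws iam create-access-key --user-name "$user" || return 1
  fi
  return 0
}

# Source this file, then e.g.: DRY_RUN=1 create_iam_user admin-jane Administrators both
```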
  
Next I will talk about Roles, how they are used and how to create them. So stay tuned...


    

