DEV Community

Cover image for AWS -How to IAM (2024)
Hootan
Hootan

Posted on • Edited on

AWS -How to IAM (2024)

#aws #iam #cloud #backend

IAM: Identity and Access Management Global Service
some AWS services need to perform actions on your behalf. to do so, you assign permissions to AWS services with IAM Rols.

A statement in an IAM policy consist of Sid, Effect, Principal, Action, Resource and condition.

Group only contain Users.

a user can contain to multiple group.

Groups comes with custom permition.(with JSON document that you can call it)

How to Run IAM

Access management> users

Creating user

  1. Name it/ give a password
  2. I want to create an IAM user
  3. Autogenerated password and check users must create a new password

Create a group

  1. name it
  2. give a premission eg: Administor___provides full access
  3. add the user into group

With creating "Account Alias" you can simply sign in URL

Premission Policies

Access managment> Policies
On the Policies section click on "Create policy"

you have two option to create policy: visual and JSON
we use visual

  1. Choose a service: IAM
  2. Allowing actions: listUser and getUser
  3. Resowres: All
  4. choose a policy name and then create

If you go to user section, then chose a user you can give the policy to them.

Password Policy

  1. configure password requirement:
    Access managment> Account settings
    on Account settings section click on "Edit"

  2. MFA
    click on the name on top-rigt cornell
    then click "Security credentials"

  • Assign an MFA device
  • give it a name, use the Authontication app
  • Install Authontication app on your mobile phone then scan the QR code and then usse the code1 and code2 on the text box below.
  • then you're good to go

How can users access AWS?

  1. AWS Managment console protected by password+MFA
  2. AWS Command line interface(CLI) protected by access keys
  3. AWS software Developer kit(SDK) for code: protected by access keys

Access keys are generated though the AWS console

a region to reminde: canada(central) ca-central-1

Creating access key:

access management> users
on the secion click on the name(eg:hootan)
scroll down
security credentials> create access key
click on command line

How to run access key?

first install aws cli on your computer
then run your terminal or cmd:
write: aws configure
then press ID and pass
press default region
output format is not matter
then write: iam list-users

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Top comments (0)

profile
Coherence
 Promoted

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

Read next

jdxlabs profile image

Set budget alerts on GCP & AWS

Jérôme Dx -

cuerci profile image

Variáveis de Ambiente no ruby on rails

Lucas Cuerci Soares (Cuerci) -

danial profile image

Integrating AWS Services with Stripe for Seamless Payment Solutions

Danial Ranjha -

k_goto profile image

AWS CDK Aspects specifications have changed

k.goto -

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay