Hootan

AWS -How to IAM (2024)

IAM (Identity and Access Management) is a global service.
Some AWS services need to perform actions on your behalf. To do so, you assign permissions to AWS services with IAM roles.

A statement in an IAM policy consists of Sid, Effect, Principal, Action, Resource and Condition.

Groups only contain users.

A user can belong to multiple groups.

Groups come with custom permissions (defined in a JSON policy document).

How to Run IAM

Access management > Users

Creating a user

  1. Name the user and give it a password
  2. Select "I want to create an IAM user"
  3. Choose "Autogenerated password" and check "Users must create a new password"

Creating a group

  1. Name it
  2. Give it a permission, e.g. AdministratorAccess (provides full access)
  3. Add the user to the group

By creating an "Account Alias" you can simplify the sign-in URL.

Permission Policies

Access management > Policies
In the Policies section, click "Create policy".

You have two options for creating a policy: visual and JSON.
We use visual.

  1. Choose a service: IAM
  2. Allowed actions: ListUsers and GetUser
  3. Resources: All
  4. Choose a policy name and then create the policy

If you go to the Users section and choose a user, you can attach the policy to them.
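
The same policy in JSON form, with a simplified evaluator showing what it does and does not permit. This is an added example, not part of the original post: the Sid, the account ID in the ARN and the evaluate helper are constructed for illustration, and Condition, Principal, NotAction and NotResource are ignored.

```python
import json
import re

# JSON equivalent of the visual-editor policy above: service IAM,
# actions ListUsers and GetUser, all resources. The Sid is a constructed label.
POLICY_JSON = """
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "ReadIamUsers",
    "Effect": "Allow",
    "Action": ["iam:ListUsers", "iam:GetUser"],
    "Resource": "*"
  }]
}
"""

def _as_list(value):
    """Action, Resource and Statement may be a single item or a list."""
    return list(value) if isinstance(value, list) else [value]

def _matches(patterns, value, ignore_case=False):
    """Match value against IAM-style wildcards: '*' (any run), '?' (one char)."""
    flags = re.IGNORECASE if ignore_case else 0
    for pattern in patterns:
        regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(regex, value, flags):
            return True
    return False

def evaluate(policy, action, resource):
    """Simplified decision for one identity-based policy (assumption: no
    Condition, Principal, NotAction or NotResource elements are present)."""
    decision = "ImplicitDeny"          # nothing matched yet
    for stmt in _as_list(policy["Statement"]):
        # Action names are case-insensitive; resource ARNs are not.
        if not _matches(_as_list(stmt["Action"]), action, ignore_case=True):
            continue
        if not _matches(_as_list(stmt["Resource"]), resource):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny"      # an explicit Deny always wins
        decision = "Allow"
    return decision

if __name__ == "__main__":
    policy = json.loads(POLICY_JSON)
    user_arn = "arn:aws:iam::111122223333:user/hootan"  # constructed ARN
    for action in ("iam:ListUsers", "iam:GetUser", "iam:CreateUser"):
        print(action, "->", evaluate(policy, action, user_arn))
```

Anything the policy does not list, such as iam:CreateUser, falls through to an implicit deny, so a user holding only this policy can read the user list but not change it.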

Password Policy

  1. Configure the password requirements:
    Access management > Account settings
    In the Account settings section, click "Edit".

  2. MFA:
    Click on the name in the top-right corner,
    then click "Security credentials".

  • Assign an MFA device.
  • Give it a name and use the Authenticator app.
  • Install an authenticator app on your mobile phone, scan the QR code, and then enter code 1 and code 2 in the text boxes below.
  • Then you're good to go.

How can users access AWS?

  1. AWS Management Console: protected by password + MFA
  2. AWS Command Line Interface (CLI): protected by access keys
  3. AWS Software Development Kit (SDK) for code: protected by access keys

Access keys are generated through the AWS console.

A region to remember: Canada (Central), ca-central-1

Creating access key:

Access management > Users
In that section, click on the user name (e.g. hootan)
Scroll down
Security credentials > Create access key
Choose "Command Line Interface (CLI)"

How to use the access key?

First install the AWS CLI on your computer,
then open your terminal or cmd and
write: aws configure
then enter the access key ID and the secret access key
enter the default region
the output format does not matter
then write: aws iam list-users
