sosmation

Creating your first IAM User in AWS

AWS Identity and Access Management (IAM) is an AWS web service that helps you securely control access to resources in an AWS account.
When you first create an AWS account, you are the root user by default. The root user is a single sign-in identity that is accessed by signing in with the email address and password that you used to create the account.
It is best practice to create an IAM user account for your day-to-day operations and to use the root account privileges only when needed.
https://docs.aws.amazon.com/general/latest/gr/root-vs-iam.html#aws_tasks-that-require-root

There are a number of features and benefits that come with setting up an IAM user:
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users

This article focuses on how to create your first IAM user via the AWS console.

Create an Administrative Account from the root user account

Sign in to your root account. After logging in:

  1. **AWS Identity and Access Management**

Navigate to the search bar and search for IAM.

This will open a new page that provides the settings to create your user.

In this case, since the account is new, the user will have administrative privileges.

"It is best practice to make an administrative user account to run your operational tasks rather than using the root account due to security issues."

There are a number of settings to configure.
The access type determines how the user will access the AWS account.
In this case, allow both programmatic access and AWS Management Console access.

You can either have the password auto-generated or provide a password yourself.

3. Set permissions
Permissions are a set of rules that restrict a user to a set of tasks and roles.

There are three options to choose from:

  1. Add user to a group
    This is where a set of users are placed together under uniform permissions.

  2. Copying rules from an existing user
    In this case, permissions are borrowed from an existing user.

  3. Attaching existing policies
    These are a set of predefined permissions, provided by AWS, to choose from.

It is best practice to use groups for consistency, as this is less prone to the mismatches that may occur when using policies.

In this case, create a group, name it "Admins", and grant it the administrator job function permissions.

Click on Create group, and the group should be created successfully.

4. Add tags
Tags are used to easily identify, track or control access to a user. They may include user information such as an employee ID number or email address.

After you are done, click on Review in the bottom right section, and then continue to the create page.

You are provided with the access key ID, the secret access key, the password and the email you registered with. A link to download a CSV file is also provided; store that file in a safe and secure place, as it contains the login credentials.

Amazon provides a login link in the success pop-up message, which you use to log in to the new account.
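
Once the new user is in place, the IAM credential report (`aws iam generate-credential-report`, then `aws iam get-credential-report`) shows whether the root user is still being used day to day and which users hold both a console password and access keys. The check below is an added example that goes beyond the console steps and is not part of the original article; the sample rows are constructed, only a subset of the report's columns is shown, and the 30-day threshold is an assumption.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the credential report's CSV format, reduced to the
# columns this check reads. The real report is returned base64-encoded.
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_used,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,not_supported,2024-05-30T08:12:00+00:00,true,false
admin-user,arn:aws:iam::111122223333:user/admin-user,true,2024-06-01T09:00:00+00:00,true,false
ci-bot,arn:aws:iam::111122223333:user/ci-bot,false,N/A,true,false
"""

ROOT = "<root_account>"   # name the report uses for the root user
ROOT_RECENT_DAYS = 30     # assumed threshold for a "recent" root sign-in


def audit(report_csv, now):
    """Return (user, finding) tuples for root usage and mixed credentials."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        has_key = any(row.get(col) == "true"
                      for col in ("access_key_1_active", "access_key_2_active"))
        if user == ROOT:
            if has_key:
                findings.append((user, "root has active access keys"))
            try:
                used = datetime.fromisoformat(row["password_last_used"])
            except ValueError:  # e.g. "no_information" or "N/A"
                used = None
            if used and now - used < timedelta(days=ROOT_RECENT_DAYS):
                findings.append(
                    (user, f"root console sign-in within {ROOT_RECENT_DAYS} days"))
        elif row["password_enabled"] == "true" and has_key:
            findings.append((user, "console password and active access keys"))
    return findings


if __name__ == "__main__":
    now = datetime(2024, 6, 10, tzinfo=timezone.utc)  # fixed date for the sample
    for user, finding in audit(SAMPLE_REPORT, now):
        print(f"{user}: {finding}")
```

A user created with both access types, as in the steps above, shows up under the last finding, which makes it easy to see where the credentials from the downloaded CSV file apply.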

I hope this article is insightful as you begin your AWS journey.
