Create IAM Users and S3 Buckets in AWS
Introduction
Identity and Access Management, or simply IAM, is an AWS service used to grant users access to various AWS services and resources. IAM allows admins to manage users, groups and policies (permissions) for their organizations. Amazon Simple Storage Service, or Amazon S3, is an object storage service that stores data as objects within buckets. An object is a file and any metadata that describes the file. In this tutorial I will guide you through creating a new IAM identity (user) and attaching a policy to that user. I will also show you how to create a bucket using the Amazon S3 service.
Prerequisites
- AWS root account. Create a free AWS account here.
Creating new user via IAM in the AWS Management Console.
- Log in to the AWS Management Console as the root user. You will be taken to the console home.
- In the search bar at the top of the page, search for “IAM”. Click on the first option under services to go to the IAM dashboard.
- In the IAM dashboard on the left panel, click on “users” under Access management.
If you don’t see the panel, simply click on the hamburger icon (three small horizontal lines) to display the panel.
Also, please ignore the security warning at this time as this is just a demo account. AWS recommends you set up MFA for all users.
- Click on the blue “Add users” button.
- On the set user details page, enter the username, choose the type of access you want this user to have, and set a password. Click next to move on to the user permissions page.
You can check the Require password reset box if you want the user to create their own custom password the next time they sign in.
- In this tutorial, the user will only be given full access to the AWS S3 service. Click on Set permissions boundary for more advanced features.
- Set permissions for the users as shown below. In the search bar type “s3” and select the policy named AmazonS3FullAccess. Click next when done.
- You can skip the tags page as we will not be setting up tags in the tutorial. Click next for the review page.
- Make sure to review the new user settings and make any corrections necessary. Click the blue create user button when done.
Click the close button after creating the user because we will not need the Access Key ID for this tutorial. If you need it, feel free to download the .csv file and store it where it is easily accessible. This will be the only chance to view it.
- You will be taken back to the IAM dashboard where you can see the new user you just created.
- Click on the user for more details. On the Security credentials tab, copy the console sign-in link.
- Paste the link in a new private browser window. Enter the username and password you first created. You will be prompted to create a new password, as configured on the set user details page.
- Complete the form and click confirm password change. You will be taken to the new user’s management console. You have successfully created a new user.
Creating S3 bucket with new user.
Remember, we created this user for S3 access only. You can test this by clicking on any other service. In the example below, I am trying to access the IAM dashboard and I received permission warnings.
- Type “s3” in the search bar at the top of the page. Click the first option under services.
- On the S3 dashboard, click on the create bucket button.
- Enter a globally unique name for your S3 bucket and select a region.
- Scroll down while leaving other settings as default and click create bucket. The newly created bucket will show on the S3 dashboard.
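The permission warning the S3-only user gets when opening the IAM dashboard is IAM's default (implicit) deny: a request is refused unless some statement allows it. The simplified evaluator below is an added example, not part of the original tutorial; it compares an allow-all-S3 grant with a narrower single-bucket policy. Both policy documents, the bucket name and the function names are constructed for illustration, and only Effect, Action and Resource are modeled (no Condition, NotAction, permissions boundaries or SCPs).

```python
import re

def _match(pattern, value, ignore_case=False):
    """IAM-style wildcard match: '*' is any run of characters, '?' exactly one."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    flags = re.IGNORECASE if ignore_case else 0
    return re.fullmatch(regex, value, flags) is not None

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def evaluate(policy, action, resource):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    decision = "ImplicitDeny"  # nothing is allowed until a statement says so
    for stmt in policy["Statement"]:
        actions = _as_list(stmt["Action"])
        resources = _as_list(stmt["Resource"])
        if not any(_match(a, action, ignore_case=True) for a in actions):
            continue  # action names are matched case-insensitively
        if not any(_match(r, resource) for r in resources):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny"  # an explicit deny always wins
        decision = "Allow"
    return decision

# Constructed policy mirroring the allow-all-S3 grant attached in the tutorial.
S3_FULL = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

# Hypothetical narrower policy for one bucket (the bucket name is made up).
BUCKET = "arn:aws:s3:::example-tutorial-bucket"
S3_SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:CreateBucket", "s3:ListBucket"],
     "Resource": BUCKET},
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": BUCKET + "/*"}]}

if __name__ == "__main__":
    requests = [("s3:CreateBucket", BUCKET), ("iam:ListUsers", "*"),
                ("s3:DeleteBucket", "arn:aws:s3:::another-bucket"),
                ("s3:PutObject", BUCKET + "/report.csv")]
    for action, resource in requests:
        print(f"{action:16} {resource:42} "
              f"full={evaluate(S3_FULL, action, resource):12} "
              f"scoped={evaluate(S3_SCOPED, action, resource)}")
```

With the full-access grant the user can also delete any other bucket in the account, while the scoped policy confines the same user to the one bucket it names.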
This concludes the tutorial. With this tutorial, you’ve successfully created a new user using the AWS IAM service, added permissions to that user and created an S3 bucket. I hope this was helpful to you. Please leave any comments and feedback.