How to create user and give permission of aws services to user using IAM credential

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

You can organize IAM users into IAM groups and attach a policy to a group. In that case, individual users still have their own credentials, but all the users in a group have the permissions that are attached to the group. Use groups for easier permissions management, and to follow the Security best practices in IAM.

Process:

To create a user and assign a role and permission to that user, you have to follow the following steps:

Step 1: Search IAM service: First you have to search IAM service in console and click on it.

Step 2: Then you will get a page like following image:

IAM Left Menu

Step 3: Click on “Users” from left side menu and create user by clicking on “Add Users” button like following image:

Step 4: Then give a User name and here I have given user name as tutorial_group and click the checkbox “Access Key-Programmatic access” .

Step 5: After that click on the checkbox “Password-AWS Management Console access” and check “Custom password ”checkbox and give a password as our wish. Then also deselect the “Required Password reset option” checkbox.

Step 6: After that click on “Next Permissions” button and get the following page. Then select “Attach existing policies directly” button. You can search for any aws services in “Filter policies” and select them. Here, I searched for “AdministratorAccess” and then select it. Then click “Next:Tags” button like following image:

Step 7: Tags are optional. So you can keep it empty. Then click on Next: Review button without giving any value in tags.

Step 8: Then click on “Create User” button like following:

Step 9: Then you will get your newly created user and you have to download your credentials because you can not access these credentials later. You will need this credential for configuring aws cli into your local machine.