Overview on AWS IAM User

Overview on AWS IAM User

What is IAM?

AWS Identity and access management (IAM) gives you fine-grained control over access to AWS services and resources. You can create and manage AWS users and groups and then use IAM permissions (in the form of policies) to allow and deny access to AWS resources.

What is the use of IAM?

With IAM, you can centrally manage permissions that control which AWS resources , a user or users can access.

Identity access management systems grant only the appropriate level of access. Instead of a username and password allowing access to an entire software , IAM allows for narrow slices of access to be portioned out, i.e. editor, viewer, and commenter in a content management system.

Authentication Authorization work

What Does an IAM Implementation Strategy Include?

Central identity management-In IAM,central identity management relies on the collection and storage of user identity data.

Secure access-Since securing at the identity level is key, an IAM should make sure that it is confirming the identities of those who are logging in. In this MFA is also included.

Policy based control-Users should only be given authorization to perform their required tasks and no more privilege than is necessary.

Zero-trust policy-A zero trust policy means that an organization's IAM solution is constantly monitoring and securing its users identity and access points.

Creating IAM user in AWS

Step1: First login to AWS management console.

Step2: Go to IAM

Step3: From left hand side IAM dashboard, select users

Step4: Inside Users, click on add users to create new user

Step5: Specify user details such as user name and autogenerated or custom password for this IAM user.

Step 6: I have selected checkbox for "Provide user access to the AWS management console" and provided remaining details.

Step7: On next page, we can create new group as below or can add user to an existing group.

Step 8: Now, give user group a name of your choice and select permissions policies, so that your user group will get those selected permissions.

For example, you could have a user group called Admins and give that user group typical administrator permissions.

Step9: Once this group is created ,now add user (ubuntu) to this newly created Ubuntu group

Step10: Now review and create user as below

How to access the IAM User

Firstly copy console sign-in details such as console url username and auto generated password.

Note: you can get user account id from below

You can either login using above obtained IAM console url or else you can select the Login as IAM while logging in to your AWS Console.

In my case, I have used above obtained url to logon to admin console and provided account id, username and password to login

Now, set new password for your IAM user as while creating new user, we have selected to create a new password at next sign-in .

Conclusion:

In this article, we have seen how can we create IAM users and group. Stay tuned for more such articles.