What is AWS Identity and Access Management (IAM)?
AWS Identity and Access Management (IAM), in this Tutorial one, you can learn AWS Identity and Access Management (IAM). Are you the one who is looking for the best platform which provides information about AWS Identity and Access Management (IAM)? Or the one who is looking forward to taking the advanced Certification Course from India’s Leading AWS Training institute? Then you’ve landed on the Right Path.
The Below mentioned Tutorial will help to Understand the detailed information about AWS Identity and Access Management (IAM), so Just Follow All the Tutorials of India’s Leading Best AWS Training institute and Be a Pro AWS Developer.
AWS Identity and Access Management (IAM) is one of the web services of Amazon that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources of AWS.
AWS Identity and Access Management (IAM) is an Amazon product that comes under Security, Identity, & Compliance enables you to manage access to AWS services and resources securely, you can create and manage users and groups and use permissions to allow or not their access to Aws services.
To create IAM user credentials by using your Amazon root account credentials follow the steps given below:
►Step 1: Create an AWS Account:-
To access any AWS service, you first need to create an AWS account, an Amazon.com account that can use AWS products like compute, storage, database, etc.
To avoid using your AWS account root user for Amazon resources, it is a best practice to create an IAM user for each person who needs administrative access to Amazon resources.
►Step 2: Create an IAM User:-
To create an administrator user for yourself and add the user to an administrators group (console) follow the steps given below:
- Use your AWS account email address and password to sign in as the AWS account root user to the IAM console at https://console.aws.amazon.com/iam/.
Note: We strongly recommend that you adhere to the best practice of using the Administrator IAM user below and securely lock away your root user credentials. Sign in as the root user only when to perform a few account and service management tasks for your account.
- In the left pane of the dashboard, choose Users and then choose Add user.
3. For the User name, enter Administrator.
4. Click on the checkbox next to AWS Management Console access. Then click on a radio button to select Custom password, and then enter your new password in the text box.
5. (Optional) By default, AWS requires the new user to create a new password when first signing in the account. You can clear the check box next to User must create a new password at next sign-into allow or not the new user to reset their password after they sign in.
6. Choose Next: Permissions.
7. Under Set permissions, choose to Add user to a group.
8. Choose Create group.
9. In the Create group dialog box, for Group name enter Administrators in the text box given.
10. Choose Filter policies, and then select AWS managed -job function to filter the table contents, it filters the policies which match the job function type.
11. In the policy name list, select the check box for AdministratorAccess policy which you have to apply. Then click on the Create group button.
Note: You must have to activate IAM user and role access to Billing before you can use the administrator access permissions to access the AWS Billing and Cost Management console.
Back in the list of groups, select the check box for your new group. Click on the Refresh button if necessary to see the group in the list.
- Choose Next: Tags.
13. (Optional) Add metadata to the user by attaching tags as key-value pairs, tags are used for getting user information like email address and job title, etc. It is used for track or control access for a user you add.
14. Select Next: Review to see the list of group memberships to be added to the new user. After verifying details when you are ready to proceed, choose to Create user.
You can use this same process to create more groups and users and to give your users access to your AWS account resources, it means you can track or control the role of a user in your group.
Step 3: To Get Your Access Key ID and Secret Access Key Follow The Steps Given Below:-
To use Amazon Services actions using API or through the AWS Command Line Interface, you need an access key ID and a secret access key.
Note: The access key ID and secret access key are specific to AWS Identity and Access Management means both keys are unique for IAM user to get access to services via APIs and Command Line Interface. Don’t confuse them with credentials for other AWS services, such as Amazon EC2 key pairs which we used for connecting to EC2 instance using PuTTY software.
♦ Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests through APIs that you make to AWS.
♦ As a best practice, do not use the AWS account root user credentials for any task where it’s not required. Instead, create a new administrator IAM user with access keys for yourself to use Amazon services.
► To create access keys for an IAM user
- Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
2. In the navigation pane, choose Users.
3. Select the name of the user whose access keys you want to create, and then click on the Security credentials
4. In the Access keys section, click on Create access key.
5. To view the new access key pair that you created, click on Show. You will not have access to the secret access key again after you close dialog box so, download the .csv file first then close.
6. Your credentials will look something like this:
♦ Access key ID: AKIAIUSFODMN7EXAMPLE
♦ Secret Access Key: wJalrXUtnFEMI/K7MIENG/bPxRfiCYEXAMPLEKZY
7. To download access keys. Click on Download .csv file then Store the keys in a secure location. Before you close the dialog box.
Note: Keep the keys confidential in order to protect your AWS account and never email them to anyone. Do not share them outside your organization, because of security purpose. Even, if an inquiry comes from AWS or Amazon.com. Amazon will not ask you for your secret key.
- After you download the .csvfile, choose Close. When you create an access key, then your key pair is active by default, and you can use the pair right away to get access to Amazon services.
I hope you have learned how to Set up AWS Identity and Access Management (IAM) User. Now, you can securely control access to AWS resources using IAM credentials.