IAM (Identity and Access Management)
In AWS, IAM plays the main role: to access any particular service in AWS, we need IAM permission.
IAM is a service used to create users, groups, and permissions that allow or deny access to AWS services securely.
IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users.
Now I am going to create an IAM user and group and give them permissions. First, log in to the AWS account and choose the IAM service.
Our AWS account is a fresh account, so we need to create a user and a group.
In the IAM console, click the Users option, then create the user with the Add user option.
The user creation process has five steps.
In the first step, we fill in the details of the user:
Username: the custom username of our IAM user.
AWS access type: AWS has two access types, programmatic access and AWS Management Console access.
With programmatic access, we can use AWS services through the AWS CLI, API, SDK, S3, and other development tools, using the AWS access key and secret key.
For Management Console access, we can set either an autogenerated password or a custom password. We can also enable or disable the "require password reset" option. If we enable this option, the user has to change the password at the next sign-in.
The first step is now finished. Click the Permissions option to enter the second step.
In the second step, we need to add the user to a group.
If the group has not been created yet, we need to create the group and add the existing user to it.
In my case, we need to create the group and add the user techiev to it.
To create the group, click the Create group icon. It will redirect to another page.
Now give the group a name and attach an existing policy to it.
In my case, the user techiev needs to access all the services in AWS, so I am giving it administrator access.
Click the Create group option to finish creating the group, then click Tags for the next step.
In the Tags step, we need to add a key and a value. In my case, I added the key as techie view-user and the value as admin access for all the services, then clicked Next: Review.
The fourth step shows a summary of the past three steps for review. Click Create user to go to the next step.
The user was created successfully. In the fifth step, the access key and secret key are created automatically for the user techiev. The secret key is visible only once, so note down the access key and secret key for access to AWS services.
We can download the credentials as a .csv file as well as send the credentials by email.
We have now successfully created the AWS IAM user and added the security policy.
Using the access key and secret key, we can access any service in AWS.
In AWS, we can create two access keys and secret keys for the same user.
If we do not use these keys frequently, we can make them inactive, then activate and use them again when they are needed.
If we want another user and group, we can create multiple users and groups and assign particular permissions to them.
For security, the best practice is to rotate your IAM password and keys once every month.
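The two-keys-per-user limit, the option to deactivate unused keys, and the monthly rotation described above can be checked from the IAM credential report. The script below is an added example, not part of the original post: it audits a constructed sample that uses a subset of the report's columns, and the user build-bot, the dates, and the 30-day threshold are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timezone

MAX_AGE_DAYS = 30  # assumption: "once every month" taken as 30 days

# Constructed sample using a subset of the IAM credential report columns.
SAMPLE_REPORT = """\
user,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
techiev,true,2024-01-05T10:00:00+00:00,2024-03-01T08:30:00+00:00,true,2024-02-20T10:00:00+00:00,N/A
build-bot,true,2024-02-25T09:00:00+00:00,2024-03-09T12:00:00+00:00,false,N/A,N/A
"""

def parse_ts(value):
    """Return an aware datetime, or None when the report has no timestamp."""
    if value in ("N/A", "no_information", ""):
        return None
    return datetime.fromisoformat(value)

def audit_keys(report_csv, now, max_age_days=MAX_AGE_DAYS):
    """Return (user, key_slot, finding) tuples for active keys needing attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("1", "2"):  # IAM allows two access keys per user
            prefix = f"access_key_{slot}_"
            if row[prefix + "active"] != "true":
                continue  # inactive keys cannot be used to sign requests
            rotated = parse_ts(row[prefix + "last_rotated"])
            last_used = parse_ts(row[prefix + "last_used_date"])
            if rotated and (now - rotated).days > max_age_days:
                findings.append((row["user"], slot, "rotate"))
            if last_used is None:  # active but never used
                findings.append((row["user"], slot, "deactivate-unused"))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 3, 10, tzinfo=timezone.utc)  # fixed date for the sample
    for user, slot, finding in audit_keys(SAMPLE_REPORT, now):
        print(f"{user}: access key {slot} -> {finding}")
```

On a real account, the same function can be fed the CSV downloaded from the Credential report page of the IAM console, with the current UTC time passed as `now`.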
IAM also has roles and policies that we can create and customize for our use cases.
In the next blog post, we will create custom roles and policies in IAM.