- IAM stands for Identity and Access Management.
- Identity is authentication: credentials such as a user ID and password used to log in to the AWS account. Authentication alone does not give access to operate the services in the AWS account.
- Access is authorization: permissions that let us operate only specific services in the AWS account.
- An IAM user has restrictions on which AWS services it can use.
- You can share your AWS account with others without giving them your credentials.
- You can give users permissions but restrict them to read-only access for the EC2 service; such a user can only read and cannot write to or change the EC2 service.
- Go to the AWS console and sign in as the root user.
- Search for the IAM service in the search bar and select IAM.
- It will take you to the IAM dashboard.
- Click on Users and create one user.
- Select the "Provide user access to the AWS Management Console" option, as shown in the figure below.
- Select the "I want to create an IAM user" option.
- Click Next.
- Select the "Add user to group" option in the permissions options, as shown in the figure below.
- Click Next and then click Create user.
- You can see the console sign-in details.
- Paste the copied URL into a new web page.
- It will take you to the IAM sign-in console.
- We enter the AWS account with only authentication, but we don't have any permissions to access services, as shown in the figure below.
- Go to the AWS console and sign in as the root user.
- Search for the IAM service in the search bar and select IAM.
- It will take you to the IAM dashboard.
- Click on Users and create one user.
- Select the "Provide user access to the AWS Management Console" option, as shown in the figure below.
- Select the "I want to create an IAM user" option.
- Click Next.
- Select the "Attach policies directly" option in the permissions options, as shown in the figure below.
- Click Next and then click Create user.
- You can see the console sign-in details.
- Paste the copied URL into a new web page.
- It will take you to the IAM sign-in console.
- We enter the AWS account with authentication and authorization: I allowed permissions only for EC2 services, so other services such as S3 and IAM do not work.
- User groups in IAM are frequently used to manage permissions for multiple users. Instead of assigning permissions to each user individually, you can create a group, assign permissions to that group, and then add users to that group.
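
The three outcomes described above (a user with authentication only, a user with an EC2 policy attached directly, and a user who gets the same policy through a group) can be reproduced with a small model of how identity-based policies are evaluated. This is an added example, not code from AWS or from the original page. The policy document is constructed for illustration, and the model is simplified: it ignores `Resource`, conditions, permissions boundaries and organization-level policies.

```python
from fnmatch import fnmatchcase

# Constructed identity-based policy: read-only EC2 (Describe* actions only).
EC2_READ_ONLY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
    ],
}

def _actions(stmt):
    """Return the statement's Action element as a list."""
    act = stmt["Action"]
    return [act] if isinstance(act, str) else list(act)

def evaluate(action, user_policies, group_policies=()):
    """Decide one request for one IAM user (simplified model).

    Policies attached directly to the user and policies inherited from the
    user's groups are evaluated together. Precedence:
    explicit Deny > Allow > implicit deny (no statement matched).
    """
    decision = "ImplicitDeny"
    for policy in list(user_policies) + list(group_policies):
        for stmt in policy["Statement"]:
            # Action names are compared case-insensitively; '*' is a wildcard.
            if not any(fnmatchcase(action.lower(), p.lower()) for p in _actions(stmt)):
                continue
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"
            decision = "Allow"
    return decision

def report(user_policies, group_policies=()):
    """Evaluate a few representative actions for one user."""
    actions = ["ec2:DescribeInstances", "ec2:TerminateInstances",
               "s3:ListAllMyBuckets", "iam:ListUsers"]
    return {a: evaluate(a, user_policies, group_policies) for a in actions}

if __name__ == "__main__":
    # Hypothetical users mirroring the walkthroughs on this page.
    print(report([]))                   # authenticated only, no policies
    print(report([EC2_READ_ONLY]))      # policy attached directly
    print(report([], [EC2_READ_ONLY]))  # policy inherited from a group
```

The user with no policies is denied everything by default, and the other two users can describe EC2 resources but cannot terminate instances or touch S3 or IAM.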
STEP 1:
- Go to the IAM console.
- Select the User groups option and click Create user group.
STEP 2:
- Go to the Users option and click Create user.
- Select the created group for the user.
- The user is then attached to the created group, as shown in the figure below.
- Click Next and then click Create user; the user is then created.
STEP 3: