To add and manage access for users in Amazon Web Services (AWS), you need to use AWS Identity and Access Management (IAM). IAM enables you to create and manage users and groups, as well as set permissions to control access to AWS resources.
Here are the steps to create a new IAM user and grant them access to your AWS account:
- Sign in to the AWS Management Console: Go to https://aws.amazon.com/ and click ‘Sign In to the Console’ in the top-right corner. Enter your account credentials.
- Navigate to IAM: Once you’re logged in, click on ‘Services’ in the top-left corner and select ‘IAM’ under ‘Security, Identity, & Compliance.’
- Create a new user: In the IAM dashboard, click on ‘Users’ in the left navigation pane. Then click the ‘Add user’ button at the top of the page.
- Enter user details: Provide a unique username and choose the access type for the user. You can select ‘Programmatic access’ if the user needs an access key and secret key for API calls, or ‘AWS Management Console access’ if they need to sign in to the console. You can also set the user’s password and password reset policy.
- Set permissions: Click ‘Next: Permissions’ to assign permissions to the user. You can add the user to an existing group, copy permissions from another user, or attach policies directly to the user. It’s generally recommended to use groups for easier management of permissions.
- Add tags (optional): Click ‘Next: Tags’ to add metadata to the user in the form of key-value pairs. This is optional but can be helpful for organizing and categorizing your users.
- Review: Click ‘Next: Review’ to review the details you’ve entered. If everything looks correct, click ‘Create user.’
- Download credentials (if applicable): If you chose ‘Programmatic access’ for the user, you’ll be provided with an access key and secret key. Be sure to download or store these securely, as you won’t be able to view them again.
- Inform the new user: Share the login credentials (username, password, and console sign-in URL) and any access keys with the new user.
To manage existing users, simply go to the ‘Users’ section in IAM and click on the user’s name. You can update their permissions, groups, and policies as needed.