AWS: How to Make an IAM User

AWS: How to Make an IAM User

Overview

This article will explain how to make an IAM User in AWS and the reason it is different and should be used instead of the ROOT user.

What Makes an IAM User different from a ROOT account?

When a new AWS account is created, by default the ROOT user is used to log in. The ROOT user has the option to make IAM users. IAM stands for Identity and Access Management. The difference between the ROOT and IAM users is the ROOT user has all permissions to create new infrastructure, while an IAM user has permission to create some infrastructure by the rules assigned by the ROOT user. It is advantageous to use an IAM user rather than a ROOT user since the ROOT user is the only option that can be used to resolve any technical issue, so it is good protocol to use it as a last resort to commit any action. It is okay to use it regularly only to assign new permissions for new IAM users to create infrastructure.

Materials

  • An AWS Account (Root account is used)

  • IAM

Procedure

  • Login to your AWS Root Account

  • In the search bar, type "IAM"

  • When entering the "IAM" page, select "Create User"

  • Give a rememberable name for the IAM's "User name"

  • It is highly recommended to click "Provide user access to the AWS Management Console". The Management Console is the default page when the Root user logs into their account.

  • To create an IAM user, select the option "I want to create an IAM user". The rules below are ways to configure a password for the IAM user.

  • The next page gives options to add permissions to the new IAM role

  • Afterward, review the information and create the IAM user. When making the IAM user, remember to save the information given in the "Console sign-in details". The following three variables should be saved and are needed every time to log into the IAM user:

    • Console sign-in URL

    • IAM User name

    • IAM Console password