How to Use AWS IAM: Step-by-Step Hands-On Tutorial

How to Use AWS IAM: Step-by-Step Hands-On Tutorial

In our previous blog, we explored the theory behind AWS IAM. Now, it’s time to roll up our sleeves and dive into the practical side. This tutorial will guide you through setting up and managing IAM in your AWS environment, complete with screenshots to make each step clear and actionable.

Step 1: Creating an IAM User

  1. Log in to the AWS Management Console:

    • Navigate to the IAM dashboard.

    • Click on “Users” and then “Add user.”

Enter User Details:

  • Provide a username and select the type of access: programmatic access, AWS Management Console access, or both.

Set Permissions:

  • Choose how to assign permissions: Add the user to a group, copy permissions from another user, or attach policies directly.

  • Use indivisual service permissions or Admin Access for all permission(not recommended - can be used only for practice purpose)

Review and Create User:

  • Review the details and click “Create user.” You’ll receive access credentials for the new user, which you can download for safekeeping.

Download .csv file for credentials and Done ! User is created !

IAM Dashboard :



Step 2: Creating an IAM Group

  1. Go to “User groups”:

    • Click on “Create group.”
  2. Enter Group Name:

    • Name the group based on its role, such as “Developers” or “Admins.”

  3. Attach Policies:

    • Choose the permissions this group will have by attaching policies. You can select existing policies or create custom ones.

      I've added AdministratorAccess which will give complete access but it's not recommended practice .

We can select indivisual permission like AWSEC2Access , VPCAccess etc from those provided policies .

  1. Add Users to the Group: (optional)

    • After creating the group, you can add users by editing the group settings.

Step 3: Creating an IAM Role

  • Navigate to “Roles”:

    • Click on “Create role.”
  • Choose the Trusted Entity:

    • Select the type of entity that will assume the role, such as an AWS service like EC2.

  • Attach Policies:

    • Define what the role can do by attaching policies.

    • Select policy as per task requirement

  • Add Tags (Optional):

    • Tags help manage roles by categorizing them with key-value pairs.
  • Review and Create Role:

    • Finalize the settings and create the role. The role can now be assumed by the selected entity.

Step 4: Attaching Policies to Users, Groups, or Roles

  1. Go to the “Policies” Section:

    • View existing policies or create a new one.
  2. Select Policy and Attach:

    • Choose the policy you want to attach and select whether to attach it to a user, group, or role.

Here is example of creating custom permissions , we can use visual or json format or can select pre-created policies as well

Conclusion

This tutorial has provided a detailed overview of the essential options and configurations within AWS IAM, including creating users, groups, roles, and managing access keys. While we've covered the core functionalities that are most commonly used, IAM is a powerful service with many additional features that can be tailored to meet specific security and access management needs.


Explore More

AWS IAM offers a wide range of advanced options, including fine-grained permissions, multi-factor authentication (MFA), and service-linked roles, among others. I encourage you to explore these features further to deepen your understanding and customize your IAM configurations to best suit your projects.

Stay tuned for more tutorials where we'll dive into integrating IAM with other AWS services and automate your infrastructure using tools like Terraform.


By concluding with this overview and an invitation to explore more, you provide a satisfying wrap-up to the tutorial while encouraging readers to continue their learning journey.

Did you find this article valuable?

Support Pratik's Blog by becoming a sponsor. Any amount is appreciated!