How to create an IAM admin user and user group

An IAM admin user and user group can be created on the AWS platform, using either the AWS management console or the AWS CLI.

The steps given below describe how we can create an IAM user and add that user to the user group with the help of the AWS management console.

Create an administrator IAM user and user group using the AWS management console

Step 1: We will navigate to the IAM console page. From the left menu bar, we will select the “Users” option, and then click the “Add users” button.

Step 2: After clicking the “Add users” button, a detailed page will be shown. Then, we will carry out the following steps:

• For the User name, we will type “testuser”.
• For Select AWS credential type, we will check both options.
• For the Console password, we will select “Custom password” and type a password of our choosing.
• Finally, we will check the Require password reset option.

Note: The Require password reset option allows us to reset the password on the next sign in.

Now, we will click the “Next: Permissions” button.

Step 3: On the “Permissions” page, we will select the “Add user to group” option and click the “Create group” button.

Step 4: After clicking the “Create group” button, a dialog box will appear. Over there, we will enter the “testgroup” for Group name and check the AdministratorAccess policy. Then, we will click the “Create group” button.

Step 5: We will select the user group we created and click the “Next: Tags” button.

Step 6 (optional): On the “Tags” page, we may add metadata to the created user by attaching tags as key-value pairs. Then, we will click the “Next: Review” button.

Step 7: We will verify all the information about the user and the user group. Then, we will click the “Create user” button.

Step 8: A success message will be displayed, indicating the successful creation of a user. Moreover, a .csv file will be shown, which will contain the login information for the user. We can either download this information or send an email with the login instructions to the user.

That’s it! We have successfully created the first IAM admin user and user group. We can create as many users as we want by following the steps listed above.

Now that we’ve learned how to create an IAM admin user and user group by using the AWS Management console, let’s see how we can perform the same task with the AWS CLI.

Create an administrator IAM user and user group using AWS CLI

Step 1: We will create a user named testuser by using the following command.

aws iam create-user --user-name testuser

Step 2: We will create a group named testgroup by using the following command.

aws iam create-group --group-name testgroup

Step 3: We will attach the policy AdministratorAccess to the user group named testgroup by using the following command.

aws iam attach-group-policy --group-name testgroup --policy-arn arn:aws:iam::aws:policy/AdministratorAccess

Step 4: We will add a user named testuser to the group named testgroup by using the following command.

aws iam add-user-to-group --user-name testuser --group-name testgroup