
How to create an IAM delegated user and user group

Muhammad Abu Huraira

Overview

We can use the AWS management console to create an IAM delegated user and user group. For this, we will perform the following steps:

  • Create a policy.
  • Create a group.
  • Create a user and add a policy for the user.

Create a policy

We will carry out the following steps to create a policy:

Step 1: We will navigate to the IAM console page. From the left navigation pane, we will select the “Policies” option, and then click the “Create Policy” button.

Step 2: We will click the “JSON” tab and then select the “Import managed policy” option.

Step 3: The “Import managed policies” window will be shown. In it, we will type “power” to filter the list of policies, select the “PowerUserAccess” policy, and click the “Import” button. As a result, the policy will be displayed in the “JSON” tab.

Step 4: We will click the “Next: Tags” button.

Step 5: We will skip adding tags, since that is optional. Then, we will click the “Next: Review” button.

Step 6: The review policy page will be shown. There, we will enter “testpolicy” for “Name”. For the “Description”, we will type “Allows full access to all services except those for user management”. Then, we will click the “Create policy” button.
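The description entered in Step 6 can be checked against the policy JSON before the policy is attached to a group. The following is an added example, not part of the original answer: an offline evaluator for Allow/Deny statements that use Action or NotAction. The policy document is a constructed sample (assumption: compare it with the JSON the console displays after the import), and the helper names and probe list are hypothetical.

```python
import fnmatch
import json

# Constructed sample in the shape of a "power user" policy: one broad Allow
# written with NotAction plus a short explicit Allow list. Assumption: replace
# it with the JSON shown in the console after "Import managed policy".
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "NotAction": ["iam:*", "organizations:*", "account:*"]},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["iam:CreateServiceLinkedRole", "iam:ListRoles"]}
  ]
}""")

# User-management actions a delegated user should not receive (illustrative list).
PROBES = ["iam:CreateUser", "iam:AttachUserPolicy", "iam:CreateAccessKey",
          "iam:PassRole", "organizations:LeaveOrganization"]


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(action, patterns):
    # Action names are compared case-insensitively; * and ? act as wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower())
               for p in _as_list(patterns))


def statement_applies(stmt, action):
    # NotAction inverts the match: the statement covers everything NOT listed,
    # which includes services that did not exist when the policy was written.
    if "Action" in stmt:
        return _matches(action, stmt["Action"])
    if "NotAction" in stmt:
        return not _matches(action, stmt["NotAction"])
    return False


def is_allowed(policy, action):
    """Evaluate action names only; Resource and Condition are ignored here."""
    hits = [s for s in _as_list(policy["Statement"]) if statement_applies(s, action)]
    if any(s["Effect"] == "Deny" for s in hits):
        return False                                   # explicit Deny wins
    return any(s["Effect"] == "Allow" for s in hits)   # no match = implicit deny


def user_management_gaps(policy, probes=PROBES):
    """Return the probe actions that the policy would still allow."""
    return [a for a in probes if is_allowed(policy, a)]
```

An empty list from `user_management_gaps` means none of the probed user-management actions are granted; any action it returns should be reviewed before the policy is attached to “testgroup”.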


Create a group

Step 1: From the left navigation pane, we will select the “User groups” option and then click the “Create group” button.

Step 2: We will enter “testgroup” as our “User group name”.

Step 3: From the list of policies, we will select the “testpolicy” policy that we created.

Step 4: We will click the “Create group” button.


Create a user and add a policy for the user

Step 1: From the left navigation pane, we will select the “Users” option and then click the “Add users” button.

Step 2: For the “User name”, we will type “testuser” and do the following:

  • For “Select AWS credential type”, we will check “Password - AWS Management Console access”.
  • For the “Console password”, we will select the “Autogenerated password” option. By default, upon the first sign-in, AWS will force the new user to create a new password.
  • We will check the “Require password reset” option.

Now, we will click the “Next: Permissions” button.

Step 3: Do not add permissions to the users on the “Permissions” page. We will add a policy once the user confirms that they have changed their password and signed in. Then, we will click the “Next: Tags” button.

Step 4 (optional): By adding tags as key-value pairs, we may add metadata to the user. After doing this, we will click the “Next: Review” button.

Step 5: We can see the list of user group memberships added to the new user. Now, we will click the “Create user” button.

Step 6: A success message will be displayed, indicating the successful creation of a user. Moreover, a “.csv” file will be shown that will contain the login information for the user. We can either download this information or send an email with the login instructions to the user.

Step 7: We will select “Users” from the left navigation pane and click on the user name of the user we created, that is, “testuser”.

Step 8: Under the “Permissions” tab, we will click the “Add permissions” button.

Step 9: We will click the “Add user to group” button and select the “testgroup” option. Then, we will click the “Next: Review” button.

Step 10: We will click the “Add permissions” button to complete the process.

Copyright ©2022 Educative, Inc. All rights reserved