Here are step-by-step instructions for creating an IAM user with permissions required
-
Sign in to the AWS Management Console:
Open your web browser and go to the AWS Management Console (https://console.aws.amazon.com/).
-
Navigate to the IAM service:
In the AWS Management Console, search for and select “IAM” (Identity and Access Management) under the “Security, Identity, & Compliance” section.
-
Create a new IAM user:
- Click on “Users” in the left sidebar menu.
- Click on the “Add user” button to start creating a new IAM user.
-
Set user details:
- Enter a desired username for the new IAM user (e.g., “readonly-user”).
- Choose “Programmatic access” as the access type since we will be working with API access.
- Click “Next: Permissions” to proceed.
-
Assign permissions:
- In the “Set permissions” step, choose “Attach existing policies directly”.
- Search for and select the following policies:
- AmazonEC2ReadOnlyAccess
- AmazonRDSReadOnlyAccess
- AmazonS3ReadOnlyAccess
- AWSCertificateManagerReadOnly
- Click “Next: Tags” to proceed (you can optionally add tags for organizational purposes).
-
Review and create the user:
- Review the user details and assigned permissions to ensure they are correct.
- Click “Create user” to finalize the user creation process.
-
Access and download Access Keys:
- Once the user is created, you will see a confirmation screen with the user details.
- Important: Download the user’s CSV file containing the Access Key ID and Secret Access Key. This file is needed for programmatic access.
- Click on the “Download .csv” button and save the file securely.
-
Securely manage Access Keys:
- Access Keys provide programmatic access to AWS resources and should be treated as sensitive information.
- Store the downloaded CSV file securely and do not share the Access Keys publicly.
- Consider rotating Access Keys periodically for security best practices.
Feel free to share all comments/feedback/suggestions to developer@cloudmx.dev