Creating Users

• Create one User user1

  • Programmatic Access or Console Access or both
    • Console Access with user name and password
  • what policy or groups do you want to attach
    • Administrator Access

• Create other user user2

  • Programmatic Access or Console Access or both
    • Console Access with user name and password
  • what policy or groups do you want to attach
    • S3 Full Access

• AWS Account Id: When an AWS Account is created, you get a unique account id, we can create an alias to account id

• For root users to login into aws the url is console.aws.amazon.com

• For iam users the url will be https://<accountid or accountalias>.signin.aws.amazon.com/console

• Login as user1 in one browser and user2 in other browser and check the behaviors

Adding/Removing Permissions to the user

• Login in as root user and add ec2 full access to user2
• remove admistrator access to user1 and ec2 readonly access

Policies

• Policies grant/deny permissions to users
• Amazon has created lot of generic policies and they are refereed as AWS managed policies
• Any policy created by user is customer managed policy.
• To determine whether the policy is user managed or AWS managed refer below