Creating Users
-
Create one User user1
- Programmatic Access or Console Access or both
- Console Access with user name and password
- what policy or groups do you want to attach
- Administrator Access
- Programmatic Access or Console Access or both
-
Create other user user2
- Programmatic Access or Console Access or both
- Console Access with user name and password
- what policy or groups do you want to attach
- S3 Full Access
- Programmatic Access or Console Access or both
-
AWS Account Id: When an AWS Account is created, you get a unique account id, we can create an alias to account id
-
For root users to login into aws the url is console.aws.amazon.com
-
For iam users the url will be https://<accountid or accountalias>.signin.aws.amazon.com/console
-
Login as user1 in one browser and user2 in other browser and check the behaviors
Adding/Removing Permissions to the user
- Login in as root user and add ec2 full access to user2
- remove admistrator access to user1 and ec2 readonly access
Policies
- Policies grant/deny permissions to users
- Amazon has created lot of generic policies and they are refereed as AWS managed policies
- Any policy created by user is customer managed policy.
- To determine whether the policy is user managed or AWS managed refer below