Automating User/Role/Policy Management
- There are two possible ways of automation
- By Command Line and then enhancing this to scripts
- By AWS SDK and using code for this
- Refer Here for installing AWS CLI
- Lets create an IAM User with Administrator permissions who will automate the user creation.
- Now to enable access to the admin after installation of AWS CLI
-
Verify if the access is working or not. The output will be different to you but the command should not throw an error
- To create users from command line we need to understand aws cli
aws <service-name> <action> [<parameters>]
aws s3 ls
aws ec2 describe-instances
- Refer Here for all the commands for iam
- The command for iam will be
aws iam <command from the above page> - Lets find the command to view all the users
aws iam list-users
- Now lets try to create user called as ironman
aws iam create-user --user-name 'ironman'
* Now lets verify in the console
* Now give the password for the ironman user as Avengers@123
* We need to create login profile Refer Here
* Exercise:
* Create users thor, hulk, sonic with passwords
* Add ironman, thor, hulk, sonic to the new group ‘Avengers’
* Reset the password for all the users to Avengers@marvel@1
* Apply the built in policy of ec2readonly to the group avengers
* login from browser as any user and verify.
