Create IAM user for AWS


Step 1:

Go to the Users page: https://us-east-1.console.aws.amazon.com/iamv2/home?region=us-east-1#/users

Click the Add Users button.

Step 2:

[Screenshot: create IAM user for AWS, step 2]

Step 3:

[Screenshot: create IAM user for AWS, step 3 - 1]

For example, we need to set permissions for S3 and MediaConvert.

We search for s3 and for mediaconvert, then click the triangle button next to each policy to see its JSON:

S3:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*",
                "s3-object-lambda:*"
            ],
            "Resource": "*"
        }
    ]
}

MediaConvert:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "mediaconvert:*",
                "s3:ListAllMyBuckets",
                "s3:ListBucket"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "iam:PassedToService": [
                        "mediaconvert.amazonaws.com"
                    ]
                }
            }
        }
    ]
}

We combine the two into one policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*",
                "s3-object-lambda:*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "mediaconvert:*",
                "s3:ListAllMyBuckets",
                "s3:ListBucket"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "iam:PassedToService": [
                        "mediaconvert.amazonaws.com"
                    ]
                }
            }
        }
    ]
}

To create a new policy (for S3 and MediaConvert), click the Create Policy button.

[Screenshot: create IAM user for AWS, step 3 - 2]

Paste the combined JSON:

[Screenshot: create IAM user for AWS, step 3 - 3]

Click the Next: Review button.

[Screenshot: create IAM user for AWS, step 3 - 4]

[Screenshot: create IAM user for AWS, step 3 - 5]

Step 4: Go back to the previous page:

For the permissions boundary:

[Screenshot: create IAM user for AWS, step 3 - 6]

For permissions:

[Screenshot: create IAM user for AWS, step 4 - 1]

Add tags (optional):

[Screenshot: create IAM user for AWS, step 3 - 7]

Click the Create User button.

[Screenshot: create IAM user for AWS, step 4 - 2]

[Screenshot: create IAM user for AWS, done]

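Done. We now have the Access key ID and Secret access key. The secret access key is shown only on this screen, so store it securely before leaving the page.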
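The combined policy from step 3 grants every S3 and MediaConvert action on every resource. The following added example (not part of the original tutorial) lints that policy for wildcard grants and unrestricted iam:PassRole, then runs the same check on a narrower variant; the bucket name, account ID, role name and chosen action list in `SCOPED` are placeholders and assumptions, and `lint` is a hypothetical helper, not an AWS tool.

```python
from fnmatch import fnmatchcase

# The combined policy from this page.
COMBINED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:*", "s3-object-lambda:*"], "Resource": "*"},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["mediaconvert:*", "s3:ListAllMyBuckets", "s3:ListBucket"]},
    {"Effect": "Allow", "Action": ["iam:PassRole"], "Resource": "*",
     "Condition": {"StringLike": {
         "iam:PassedToService": ["mediaconvert.amazonaws.com"]}}}]}

# Constructed narrower variant; bucket, account ID, role and action list are assumptions.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*"},
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::EXAMPLE-BUCKET"},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["mediaconvert:CreateJob", "mediaconvert:GetJob"]},
    {"Effect": "Allow", "Action": "iam:PassRole",
     "Resource": "arn:aws:iam::111122223333:role/EXAMPLE-ROLE",
     "Condition": {"StringEquals": {
         "iam:PassedToService": "mediaconvert.amazonaws.com"}}}]}

def as_list(value):  # IAM accepts a string or a list for these fields
    return value if isinstance(value, list) else [value]

def lint(policy):
    """Return (statement index, finding) pairs for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        any_resource = "*" in as_list(stmt.get("Resource", []))
        for action in actions:
            if any_resource and (action == "*" or action.endswith(":*")):
                findings.append((i, f"{action} on every resource"))
        # Wildcards such as iam:* or iam:Pass* also grant iam:PassRole.
        if any(fnmatchcase("iam:passrole", a) for a in actions):
            keys = {k.lower() for cond in stmt.get("Condition", {}).values()
                    for k in cond}
            if "iam:passedtoservice" not in keys:
                findings.append((i, "iam:PassRole without iam:PassedToService"))
            if any_resource:
                findings.append((i, "iam:PassRole on every role"))
    return findings

if __name__ == "__main__":
    print("combined:", lint(COMBINED), "scoped:", lint(SCOPED), sep="\n")
```

The page's policy yields four findings and the scoped variant none; the iam:PassedToService condition already present on the page's PassRole statement is what keeps that statement from producing a second finding.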
