
AWS IAM User Account and Permission Group Creation

Why Create IAM Users?

  • Security: Avoid using ROOT user for daily operations
  • Access Control: Grant specific permissions to different users
  • Audit Trail: Track actions by individual users

IAM User Creation Steps

The following steps create an admin user.

1. Access IAM Service

  1. Sign in to AWS Console as ROOT user
  2. Search for IAM in services
  3. Click Users in left sidebar
  4. Click Create user

2. Configure User Details

  1. Enter User name (e.g., “admin-user”, “developer”)
  2. Select Provide user access to the AWS Management Console
  3. Choose I want to create an IAM user
  4. Set Console password:
    • Autogenerated password (recommended)
    • Custom password
  5. Check User must create a new password at next sign-in (recommended)

3. Create Admin Group

  1. Click Create group
  2. Enter a group name (e.g., admin)
  3. Select policy: AdministratorAccess
  4. Click Create user group
  5. Select Add user to group, select the group you just created, and click Next
  6. Review user details and click Create user
  7. Save credentials: Download CSV file with login URL and password
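
The same setup can be scripted with the AWS CLI and then checked. This is an added example, not part of the original post; it assumes the AWS CLI is already configured with credentials allowed to manage IAM, and the function names and the `AWS_CMD` override are hypothetical.

```bash
#!/bin/sh
# Added example: CLI equivalent of the console steps (not from the original post).
# AWS_CMD is a hypothetical override so the functions can be exercised with a stub.
AWS_CMD="${AWS_CMD:-aws}"
ADMIN_POLICY_ARN="arn:aws:iam::aws:policy/AdministratorAccess"

# create_admin_user USER GROUP TEMP_PASSWORD
create_admin_user() {
  user="$1"; group="$2"; temp_password="$3"
  if [ -z "$user" ] || [ -z "$group" ] || [ -z "$temp_password" ]; then
    echo "usage: create_admin_user USER GROUP TEMP_PASSWORD" >&2
    return 2
  fi

  # Section 3: group carrying the AdministratorAccess managed policy.
  "$AWS_CMD" iam create-group --group-name "$group" || return 1
  "$AWS_CMD" iam attach-group-policy --group-name "$group" \
    --policy-arn "$ADMIN_POLICY_ARN" || return 1

  # Section 2: console user; --password-reset-required matches
  # "User must create a new password at next sign-in".
  # The temporary password is visible in the process list while this runs,
  # so treat it as single-use.
  "$AWS_CMD" iam create-user --user-name "$user" || return 1
  "$AWS_CMD" iam create-login-profile --user-name "$user" \
    --password "$temp_password" --password-reset-required || return 1

  "$AWS_CMD" iam add-user-to-group --user-name "$user" --group-name "$group"
}

# verify_admin_user USER GROUP: succeeds only if USER is in GROUP and GROUP
# has AdministratorAccess attached.
verify_admin_user() {
  user="$1"; group="$2"
  member_of=$("$AWS_CMD" iam list-groups-for-user --user-name "$user" \
    --query 'Groups[].GroupName' --output text) || return 1
  attached=$("$AWS_CMD" iam list-attached-group-policies --group-name "$group" \
    --query 'AttachedPolicies[].PolicyArn' --output text) || return 1
  # --output text is whitespace-separated; compare whole names only.
  printf '%s\n' $member_of | grep -qx -- "$group" || return 1
  printf '%s\n' $attached | grep -qx -- "$ADMIN_POLICY_ARN"
}
```

After sourcing the file, run `create_admin_user admin-user admin '<temporary-password>'` and then `verify_admin_user admin-user admin`; a zero exit status from the second call confirms the group membership and the attached policy.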

IAM User Best Practices

  • Use groups: Organize users by role/function
  • Least privilege: Grant minimum required permissions

Tip

  • If you create an Account Alias, you don’t have to memorize the Account ID each time you log in.