Lessons

Creating a new IAM user with programmatic access

Introduction

In this lesson, we will learn how to create a new IAM user with programmatic access. IAM (Identity and Access Management) is a service provided by AWS that allows you to manage access to AWS services and resources securely. Programmatic access allows users to interact with AWS services programmatically, such as through the AWS CLI or SDKs. We will explore two methods to create a new IAM user with programmatic access: using AWS CLI commands and using AWS CDK with Typescript.

Prerequisites

Before we begin, make sure you have the following prerequisites:

  • An AWS account
  • AWS CLI installed on your local machine
  • AWS CDK installed on your local machine (if using AWS CDK method)
  • Basic knowledge of IAM and AWS services

Method 1: Using AWS CLI commands

Step 1: Create a new IAM user

To create a new IAM user with programmatic access using AWS CLI commands, you can use the following command:

aws iam create-user --user-name new-user

Step 2: Attach a policy to the IAM user

Next, you need to attach a policy to the IAM user to grant the necessary permissions. You can use the following command to attach a policy to the IAM user:

aws iam attach-user-policy --user-name new-user --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess

Step 3: Create access keys for the IAM user

Finally, you need to create access keys for the IAM user to enable programmatic access. Use the following command to create access keys:

aws iam create-access-key --user-name new-user

Method 2: Using AWS CDK with Typescript

Step 1: Install AWS CDK

If you haven’t already, install AWS CDK on your local machine by running the following command:

npm install -g aws-cdk

Step 2: Create a new IAM user with programmatic access

Create a new AWS CDK project and define a new IAM user with programmatic access in your Typescript code. Here’s an example code snippet:

import * as iam from '@aws-cdk/aws-iam';

const user = new iam.User(this, 'NewUser', {
  userName: 'new-user',
});

user.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonS3FullAccess'));

Step 3: Deploy the AWS CDK stack

Deploy the AWS CDK stack by running the following command:

cdk deploy

Conclusion

In this lesson, we learned how to create a new IAM user with programmatic access using two different methods: AWS CLI commands and AWS CDK with Typescript. By following the steps outlined in this lesson, you can easily create IAM users with programmatic access and manage their permissions effectively. Key learnings from this lesson include:

  • How to create a new IAM user using AWS CLI commands
  • How to attach policies to IAM users to grant permissions
  • How to create access keys for IAM users to enable programmatic access
  • How to create IAM users using AWS CDK with Typescript and deploy the stack

Now that you have learned how to create IAM users with programmatic access, you can further explore IAM policies, roles, and other advanced IAM features to enhance the security and manageability of your AWS resources.

Share :