AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization).
Before you can use any AWS service with the API or form your code you need to setup a user in IAM. You can decide what a user has access to or what they can do. You can create users for spefic actions.
It's pretty straight forward to get a user setup. In the AWS console select services and type IAM
This will show the welcome screen. Followed by a quick summary of users and groups, policies, roles.
For now we want users. On the left you will find "Users" This will display the users on your AWS account,
Select "Create New Users" and enter a name for the user. You can create as many users as you want.
For what we are trying to do make sure you tick "Generate an access key for each user" this will allow the user to access the REST API for AWS.
Once that's done hit Create
Once created you will be shown the Access Key and Secret Access Key. Take these down or download them you won't see the secret again.
That's it your ready to go.
One thing I really like is that once you create the user. In the list you can click and see the activity from that user.
But you can see the activity for the access key aswell. What service was used. You can also create more keys for different things.
As you can see this KEY was last used for SQS in EU West yesterday I can turn it off or delete it or create another key for something else if I wanted to.
Comments