Menu

Log in

Sign up

From beginner to master of web design, coding, infrastructure operation, business development and marketing

  • COURSES
  • HTML & CSS Introduction
  • HTML & CSS Coding with AI
  • Linux Introduction
  • Docker Basics
  • Git & GitHub Introduction
  • JavaScript Coding with AI
  • Django Introduction
  • AWS Basics
  • Figma Introduction
  • SEO Tutorial for Beginners
  • SEO with AI
  • OTHERS
  • About
  • Terms of Service
  • Privacy Policy

© 2024 D-Libro. All Rights Reserved

AWS BasicsChapter 2. Setting Up the AWS Environment

Managing User Access with IAM

Managing User Access with IAM

Managing User Access with IAM

When you first dive into AWS, it might feel like you’ve just stepped into a high-tech control room—with buttons, switches, and dials for just about everything. But before you start launching servers or storing files, there's one super important thing to take care of: deciding who’s allowed to do what.

This is where IAM, or Identity and Access Management, comes in. Think of IAM as your security system. It’s how you invite people into your project and decide what they’re allowed to touch. In this guide, we’ll look at how to use IAM to safely manage user access—step by step.

Let’s get started.

Setting up IAM

Imagine your AWS account as your own digital workspace. Without IAM, it’s like giving everyone the master key to the entire building. That’s not great for security—or peace of mind.

Even if it’s just you at the beginning, using IAM helps keep things organized and secure. If you ever team up with others later, you’ll already have a structure in place.

Step 1: Open the IAM dashboard

First things first, log in to your AWS Management Console. If this is your first time, you’re probably still using the root user—that’s the original login for your account.

Go ahead and open the IAM dashboard:

  1. From the AWS homepage, click on the search bar at the top.

  2. Type IAM and select it from the dropdown list.
Managing User Access with IAM Screenshot 1

This is where you’ll set the rules for access—who gets in, what they can see, and what they can change.

Step 2: Create a new IAM user and group

Instead of always logging in with the root user (which has access to everything), you’ll create individual users—like yourself or future teammates—who each have their own credentials and roles.

Here’s how:

1. In the IAM sidebar, click Users, then hit Add users.

Managing User Access with IAM Screenshot 2

2. Decide and type a username (like alex-dev or project-helper) and click the next button.

Managing User Access with IAM Screenshot 3

3. Create a User Group.

Rather than assigning permissions manually to each user, AWS lets you organize them into groups. Think of groups like job roles. For example, you might have:

  • A Developer group with access to servers

  • A Viewer group that can only see resources but not make changes

To create a group:

Press the Create group button.

Managing User Access with IAM Screenshot 4

Give the group a name, like Developers or ViewOnlyTeam.

Managing User Access with IAM Screenshot 5

Pick one or more permissions policies to go with the group. For example:

  • ○ AmazonEC2FullAccess (for managing servers)
  • ○ AmazonS3ReadOnlyAccess (to just view files in storage)

managing-user-access-with-iam-screenshot-6-id401010020210-img06

Click Create user group.

managing-user-access-with-iam-screenshot-7-id401010020210-img07

4. Assign the User to the Group.

Select the user group and press the Next button. Your new user now belongs to the group and inherits all of its permissions. Easy and organized.

Managing User Access with IAM Screenshot 8

Click Create user to create the new user.

Understand policies

At the heart of IAM is something called a policy. It’s basically a set of rules that say what a user, group, or role is allowed to do.

There are three types:

  • AWS Managed Policies – ready-to-go, built by AWS.

  • Customer Managed Policies – created by you, tailored to your needs.

  • Inline Policies – attached directly to a single user or group.

To see or attach a policy:

  1. Go to Users, Groups, or Roles.

  2. Click the name you want to see or update.

  3. Choose the Permissions tab > Add permissions.

managing-user-access-with-iam-screenshot-9-id401010020210-img09

Once you get more familiarized with AWS, you can explore to customize the permissions policies.

Turn On Multi-Factor Authentication (MFA) for the Root Account

To strengthen security, you can set up MFA. It’s a second layer of security—usually a code from your phone—that makes your account a lot harder to break into.

Here’s how to set it up for a user:

1. Go to the security credentials in the top right pull-down menu.

Managing User Access with IAM Screenshot 10

2. Under Multi-factor authentication (MFA), click Assign MFA device.

3. Choose Authenticator app that you are using (like Google Authenticator or Authy). If you don’t have one, install one first.

Managing User Access with IAM Screenshot 11

4. Give the device a name and click Next.

5. Scan the QR code using your app, then enter the two codes it shows.

Managing User Access with IAM Screenshot 12

6. Click Add MFA.

That’s it! The root user now requires both a password and a one-time code from your phone to log in.

Security tips

Before you move on, take a moment to secure your new AWS account. Here’s what we recommend:

  1. Don’t use your root account every day. Later, you’ll create a new user with limited permissions (we’ll cover this in the next topic).

  2. Turn on MFA (Multi-Factor Authentication) for your root account. It adds a second layer of security using your phone.

These small steps help make sure your cloud environment is safe as you start building.

What’s next?

Now that you’ve set up IAM, your AWS environment has a solid foundation for secure access. Whether you're working alone or preparing for a team project, you’ve taken an important step toward keeping things organized, safe, and scalable.

Before we start launching servers or connecting cloud services, it’s important to understand how AWS charges for what you use. In the next section, we’ll look at how to manage AWS costs from the beginning—so you can build with confidence and avoid unexpected surprises.

Tags:

Identity and Access Management

IAM

User Access Management

AWS Security

Multi-Factor Authentication

AWS Basics
Course Content

Chapter 1. Cloud and AWS Fundamentals

Introduction to Cloud Computing

Discovering Amazon Web Services (AWS)

AWS vs. Azure vs. Google Cloud

Chapter 2. Setting Up the AWS Environment

Creating Your AWS Account

Managing User Access with IAM

Managing AWS Cost from the Beginning

Chapter 3. Deploying a Web App on AWS with a Simple Setup

Preparing a Web App for Deployment

Launching and Configuring EC2 Instances

Implementing Storage with Amazon S3

Chapter 4. Building Scalable Infrastructure with AWS

Defining Target AWS Configurations

Configuring Your Virtual Private Cloud (VPC)

Using AMIs to Recreate EC2 Instances in a Custom VPC

Setting Up a Relational Database with RDS

Distributing Traffic with Elastic Load Balancing (ELB)

Monitoring Performance with CloudWatch

Chapter 5. Next Steps on Your AWS Journey

Exploring AWS Further: Rise of AI Services

Certification and Continuing Your AWS Journey

Chapter 1. Cloud and AWS Fundamentals

Introduction to Cloud Computing

Discovering Amazon Web Services (AWS)

AWS vs. Azure vs. Google Cloud

Chapter 2. Setting Up the AWS Environment

Creating Your AWS Account

Managing User Access with IAM

Managing AWS Cost from the Beginning

Chapter 3. Deploying a Web App on AWS with a Simple Setup

Preparing a Web App for Deployment

Launching and Configuring EC2 Instances

Implementing Storage with Amazon S3

Chapter 4. Building Scalable Infrastructure with AWS

Defining Target AWS Configurations

Configuring Your Virtual Private Cloud (VPC)

Using AMIs to Recreate EC2 Instances in a Custom VPC

Setting Up a Relational Database with RDS

Distributing Traffic with Elastic Load Balancing (ELB)

Monitoring Performance with CloudWatch

Chapter 5. Next Steps on Your AWS Journey

Exploring AWS Further: Rise of AI Services

Certification and Continuing Your AWS Journey

FAQ: Managing User Access with IAM

What is IAM in AWS?

IAM, or Identity and Access Management, is a security system in AWS that allows you to manage who can access your AWS resources and what actions they can perform.

How do I create a new IAM user?

To create a new IAM user, go to the IAM dashboard, click on 'Users', then 'Add users'. Enter a username and follow the prompts to assign the user to a group with specific permissions.

What are IAM policies?

IAM policies are sets of rules that define what actions are allowed or denied for users, groups, or roles. They can be AWS Managed, Customer Managed, or Inline Policies.

Why should I use Multi-Factor Authentication (MFA)?

MFA adds an extra layer of security by requiring a second form of verification, such as a code from your phone, making it harder for unauthorized users to access your account.

What is the purpose of creating user groups in IAM?

User groups in IAM allow you to organize users with similar roles and assign permissions collectively, simplifying management and ensuring consistent access control.