To create a service for Amazon Web Services, you must specify an Amazon Web Services user.
Before you begin
If you do not have an AWS account, you must create one to use IAM. You do not need to sign up
separately for IAM, and you can use IAM without any charge. To create an AWS account, perform the
following steps.
- Access the website http://aws.amazon.com.
- Click Create an AWS Account.
- Follow the on-screen instructions.
About this task
As a best practice, do not use the AWS account root user wherever possible. Instead, create a new
IAM service user for Amazon Web Services that requires administrator access. Then, grant an
administrator role to the user by adding the user to an Administrators group to which you attach
the administrator access managed policy.
Procedure
- Open https://console.aws.amazon.com/iam with the IAM account root user.
- In the navigation pane, select Users, and then select Add user.
- Specify a user name in the User name box. The name can consist of
letters, digits, and the following characters: plus (+), equal (=), comma (,), period (.), at (@),
underscore (_), and hyphen (-). The name is not case-sensitive and can be a maximum of 64 characters
in length.
- Select the check box next to Programmatic access.
- Select Next: Permissions.
- On the Set permissions for user page, select Add user to group if you already have a group
with the AdministratorAccess policy. If you do not have a group with AdministratorAccess, choose
Attach existing policies directly, and select AdministratorAccess.
Note: If you do not want to grant AdministratorAccess to the service user, grant
the permission that has administrator privileges on Amazon Web Services Identity and Access
Management.
- Choose Next: Review to see the list of group memberships to be
added to the new user.
- When you are ready to proceed, select Create user.
On the next page, the created user name, access key ID, and secret access key are displayed.
- Save the Access Key ID and Secret Access Key to configure AWS IAM Adapter.
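
The procedure above in AWS CLI form, as an added example that is not part of the original documentation. The group name Administrators follows the text; the user name aws-adapter-svc, the output file adapter-key.json, and the APPLY switch are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: AWS CLI form of the console steps.
# Assumed names: user "aws-adapter-svc", key file "adapter-key.json".
# Dry run by default (commands are only printed); set APPLY=1 to execute them.

GROUP="Administrators"
POLICY_ARN="arn:aws:iam::aws:policy/AdministratorAccess"

# User-name rule from the procedure: letters, digits and + = , . @ _ -
# with a maximum length of 64 characters.
valid_user_name() {
  local name="$1"
  [ -n "$name" ] && [ "${#name}" -le 64 ] || return 1
  case "$name" in
    *[!A-Za-z0-9+=,.@_-]*) return 1 ;;
  esac
  return 0
}

# Print an aws command; run it only when APPLY=1.
run() {
  echo "aws $*"
  if [ "${APPLY:-0}" = "1" ]; then aws "$@"; fi
}

create_service_user() {
  local user="$1" key_file="${2:-adapter-key.json}"
  valid_user_name "$user" || { echo "invalid user name: $user" >&2; return 1; }
  # Reuse the Administrators group when it exists (checked only when applying).
  if [ "${APPLY:-0}" = "1" ] && aws iam get-group --group-name "$GROUP" >/dev/null 2>&1; then
    echo "# group $GROUP already exists"
  else
    run iam create-group --group-name "$GROUP"
  fi
  run iam attach-group-policy --group-name "$GROUP" --policy-arn "$POLICY_ARN"
  run iam create-user --user-name "$user"
  run iam add-user-to-group --user-name "$user" --group-name "$GROUP"
  # The secret access key is returned only by this call, so write it to a
  # file that only the current OS user can read instead of the terminal.
  echo "aws iam create-access-key --user-name $user > $key_file"
  if [ "${APPLY:-0}" = "1" ]; then
    ( umask 077; aws iam create-access-key --user-name "$user" > "$key_file" )
  fi
}

create_service_user "${1:-aws-adapter-svc}"
```

Review the printed plan first, then rerun with APPLY=1 under credentials that are allowed to manage IAM.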