Adding a new IAM User using the AWS CLI

2023-02-13 · Thomas Taylor

How to create a new IAM user with the AWS CLI?

Create a new IAM User

To create a new IAM user, issue the following command:

1aws iam create-user --user-name USER

1{
2    "User": {
3        "Path": "/",
4        "UserName": "USER",
5        "UserId": "AIDA...",
6        "Arn": "arn:aws:iam::123456789012:user/USER",
7        "CreateDate": "2023-02-13T05:03:54+00:00"
8    }
9}

Add IAM User to an IAM Group

Create IAM Group

If an IAM Group does not exist, create one.

1aws iam create-group --group-name GROUP

1{
2    "Group": {
3        "Path": "/",
4        "GroupName": "GROUP",
5        "GroupId": "AGPA...",
6        "Arn": "arn:aws:iam::123456789012:group/GROUP",
7        "CreateDate": "2023-02-13T05:05:45+00:00"
8    }
9}

Grant access to IAM Group

The managed policy arn arn:aws:iam::aws:policy/PowerUserAccess is attached to the group in this example.

1aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/PowerUserAccess --group-name GROUP

Add the user to the IAM group.

1aws iam add-user-to-group --user-name USER --group-name GROUP

Verify user is added to group

1aws iam get-group --group-name GROUP --query "Users[*].{name:UserName,id:UserId}"

1[
2    {
3        "name": "USER",
4        "id": "AIDA..."
5    }
6]

Grant AWS Console Access

1aws iam create-login-profile --user-name USER --password PASSWORD --no-password-reset-required

1{
2    "LoginProfile": {
3        "UserName": "USER",
4        "CreateDate": "2023-02-13T05:10:17+00:00",
5        "PasswordResetRequired": false
6    }
7}

Grant Programmatic Access

1aws iam create-access-key --user-name USER

1{
2    "AccessKey": {
3        "UserName": "USER",
4        "AccessKeyId": "AKIA...",
5        "Status": "Active",
6        "SecretAccessKey": "UU...",
7        "CreateDate": "2023-02-13T05:11:18+00:00"
8    }
9}

#aws #aws-cli

Reply to this post by email ↪