IAM user with Access key
Create an IAM user with access keys in the AWS Management Console.
Create the user and grant it permissions
- Sign in to the AWS Management Console using a user with permission to manage IAM users.
- Open the “Identity and Access Management (IAM)” service
- In the left-hand navigation pane, click “Users”
- Click the “Add user” button
- Enter a username for the new IAM user in the “User name” field
- Choose how you want to grant permissions to the user
  - Groups are considered a best practice as they are easier to control and audit
- Create the user
Generate the access key
- In the user section, select the new user to view the properties.
- Select Security Credentials
- Select Create Access Key
- Carefully check the list of use cases and ensure an access key is your best choice; there are more secure alternatives.
- Give the key a tag value so it can be managed better, such as when rotating the key value
- The Access key and Secret Access Key values will be shown on the screen. This is a one-time option to retrieve the Secret Access Key; once you click past this screen, you must re-generate the value as it cannot be retrieved again.
Warning
Follow the best practices:
- Never store your access key in plain text, in a code repository, or in code.
- Disable or delete access keys when no longer needed.
- Enable least-privilege permissions.
- Rotate access keys regularly.
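The "disable when no longer needed" and "rotate regularly" practices can be checked from the IAM credential report. The script below is an added example, not part of the original page: it parses a constructed sample in the credential report's column layout and flags active keys that are overdue for rotation or idle. The 90-day and 45-day thresholds, the user names and the dates are assumptions.

```python
import csv
import io
from datetime import datetime, timezone

MAX_KEY_AGE_DAYS = 90  # assumed rotation policy, not from the page
MAX_IDLE_DAYS = 45     # assumed threshold for "no longer needed"

# Constructed sample using IAM credential report column names, trimmed to the
# columns this check reads. Users and timestamps are made up.
SAMPLE_REPORT = """user,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
ci-deploy,true,2024-01-10T09:00:00+00:00,2024-07-20T12:00:00+00:00,false,N/A,N/A
backup-job,true,2024-06-30T09:00:00+00:00,N/A,true,2023-11-01T09:00:00+00:00,2024-02-01T08:00:00+00:00
alice,false,2023-05-01T09:00:00+00:00,2023-06-01T09:00:00+00:00,false,N/A,N/A
"""

def _parse(ts):
    """Parse an ISO 8601 report timestamp; placeholder values become None."""
    if ts in ("N/A", "no_information", "not_supported", ""):
        return None
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def audit_access_keys(report_csv, now):
    """Return (user, key_slot, reason) for each active key that breaks policy."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        for slot in ("1", "2"):  # an IAM user can hold at most two access keys
            if row[f"access_key_{slot}_active"] != "true":
                continue  # inactive keys cannot authenticate
            rotated = _parse(row[f"access_key_{slot}_last_rotated"])
            last_used = _parse(row[f"access_key_{slot}_last_used_date"])
            if rotated and (now - rotated).days > MAX_KEY_AGE_DAYS:
                findings.append((row["user"], slot, "rotate"))
            # Idle time runs from last use, or from creation if never used.
            reference = last_used or rotated
            if reference and (now - reference).days > MAX_IDLE_DAYS:
                findings.append((row["user"], slot, "unused"))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 7, 21, tzinfo=timezone.utc)  # fixed date for the sample
    for user, slot, reason in audit_access_keys(SAMPLE_REPORT, now):
        print(f"{user}: access key {slot} -> {reason}")
```

To run it against a real account, replace `SAMPLE_REPORT` with the decoded CSV of the account's credential report and pass the current UTC time as `now`.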
References
Best practices for managing AWS access keys
Last modified July 21, 2024: update (e2ae86c)