AWS

To set up AWS IAM users and permissions for provisioning AWS resources, and to create roles with custom trust policies that those IAM users can assume to access resources, follow these steps:

1) User Creation

1) Access the AWS Console and click on "IAM."

[Link] AWS Console
[Screen] Accessing the Logged-in Console

2) Click the "Create user" button in the top right corner of the IAM menu.

3) Enter the username.

4) In the "Permissions" options, select "Add user to group," click "Next," and proceed with the creation.

5) Verify that the user has been created successfully.

6) Copy the ARN (Amazon Resource Name) of the created user.

2) Policy Creation

1) In the IAM menu, navigate to [Access management] - [Policies] and click the "Create policy" button.

2) Click on JSON in the policy editor and edit the policy as needed.

3) Set a name for the policy and click "Create policy."

3) Role Creation

1) In the IAM menu, go to [Access management] - [Roles] and click the "Create role" button.

[Screen] Role Creation Screen

2) Select "Custom trust policy" as the "Trusted entity type," then click "Add" in the "Add trusted entities" section.

3) Add [Principal Entity Types] - [IAM users] & [AWS services].

IAM users: ARN (Amazon Resource Name) of the created user

AWS services: Name of the service you intend to use (e.g., eks)

[Screen] Adding IAM Users
[Screen] Adding AWS Services

4) Add the necessary permissions:

AmazonEBSCSIDriverPolicy

AmazonEC2FullAccess

AmazonVPCFullAccess

IAMFullAccess

EKSFullPolicy

5) Set a name for the role and click "Create role."

6) Verify the created role.
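
The custom trust policy that steps 2) and 3) of role creation produce, built and checked in Python. This is an added example, not part of the original page. The account ID, user name and function names are constructed placeholders; replace USER_ARN with the ARN copied during user creation.

```python
import json
import re

# Constructed placeholders: substitute the user ARN copied in step 1 and your service.
USER_ARN = "arn:aws:iam::111122223333:user/example-provisioner"
SERVICE = "eks.amazonaws.com"

USER_ARN_RE = re.compile(r"arn:aws:iam::\d{12}:user/[\w+=,.@/-]+")
SERVICE_RE = re.compile(r"[a-z0-9-]+\.amazonaws\.com")

def build_trust_policy(user_arn, service):
    """Trust policy that lets exactly one IAM user and one AWS service assume the role."""
    if not USER_ARN_RE.fullmatch(user_arn):
        raise ValueError(f"not a single IAM user ARN: {user_arn!r}")
    if not SERVICE_RE.fullmatch(service):
        raise ValueError(f"not a service principal: {service!r}")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": user_arn, "Service": service},
            "Action": "sts:AssumeRole",
        }],
    }

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy):
    """Return findings for Allow statements that trust more than named principals."""
    findings = []
    for n, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for p in aws:
            if p == "*":
                findings.append(f"statement {n}: any AWS principal can assume the role")
            elif p.endswith(":root") or re.fullmatch(r"\d{12}", p):
                findings.append(f"statement {n}: whole account {p} is trusted")
    return findings

if __name__ == "__main__":
    policy = build_trust_policy(USER_ARN, SERVICE)
    print(json.dumps(policy, indent=2))  # paste into the custom trust policy editor
    print(audit_trust_policy(policy) or "no broad principals")
```

Running the audit function against the JSON shown in the role's "Trust relationships" tab is one way to carry out the verification in step 6).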

4) Get Access Key and Secret Access Key

1) Click on the user with granted permissions, go to the [Security credentials] tab, and click "Create access key" on the top right of the "Access keys" box.

2) Click "Next" under the "Select" section, choose "Other," and click "Next."

3) Enter a description tag for the access key and click "Create access key."

4) Confirm the generated access key and secret access key.

5) Save the generated access key for later use.
