
AWS | IAM Groups

by Online Tutorials Library

IAM Groups

  • An IAM Group is a collection of users.
  • A group specifies the permissions for a collection of users, which makes the permissions for those users easier to manage.
  • For example, suppose you create a group named Admin and assign it the permissions that administrators typically need. Any user who joins the Admin group then has all the permissions that are assigned to the group. If a new user joins the organization and should have administrator privileges, you can assign the appropriate permissions by adding the user to the group. If a person changes job profile, instead of editing that person's permissions, you can remove the user from the old group and add the user to the new group.


Characteristics of IAM Group

  • A group is a collection of users, and a user can also belong to multiple groups.
  • Groups cannot be nested, i.e., a group cannot contain another group.
  • There is no default group that automatically includes all the users in the AWS account. If you want a group like this, create a group and then add the users to it.
  • There is a limit to the number of groups that you can have, and also a limit to the number of groups that a user can belong to.

Creating a Group (AWS Management Console)

  • Sign in to the AWS Management Console by entering your email address and password.
  • Open the IAM Console.
  • In the navigation pane, click on Groups. The screen shown below appears:

[Figure: IAM Groups]

  • Click on “Create New Group” to create a new group. The screen shown below appears:

[Figure: IAM Groups]

  • In the Group Name box, enter the group name and then click on the Next Step button.
  • Select the checkbox next to the policy that you want to use with the group.
  • Click on the Next Step button and then click on Create Group.

Creating a Group (API or CLI)

  • Create a Group

Suppose you create a group whose name is Admin; the following command is used to create a group:

Listing IAM Groups (AWS Management Console)

  • Sign in to the AWS Management Console by entering your email address and password.
  • Open the IAM Console.
  • In the navigation pane, click on Groups. The screen shown below appears:

[Figure: IAM Groups]

The above figure shows that one user exists whose name is MyUser.

Listing IAM Groups to which a user belongs (AWS Management Console)

  • Sign in to the AWS Management Console by entering your email address and password.
  • Open the IAM Console.
  • In the navigation pane, click on Users and then click on the user name.
  • Open the Groups section.

Listing IAM Groups (AWS API or CLI)

  • List all the groups available in your AWS account
  • List all the users that belong to your group

Deleting an IAM Group (AWS Management Console)

  • Sign in to the AWS Management Console.
  • Open the IAM Console.
  • In the navigation pane, click on the Groups.
  • Select the checkbox that appears next to the group name.


  • Click on the Group Actions dropdown menu.


  • In the dropdown menu list, click on Delete Group. The screen shown below appears:

[Figure: IAM Groups]

  • Click on Yes, Delete to delete the group.

Delete an IAM Group (AWS CLI or API)

  • Remove all the users from the Group.
  • Detach the inline policies attached to the group.
  • Detach the managed policies attached to the group.
  • Delete the group.
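
The four steps above map onto AWS CLI calls as shown in this added example, which is not part of the original tutorial. It assumes the AWS CLI is installed with credentials allowed to modify IAM; the script name delete-group.sh is hypothetical, and inline policies are removed with delete-group-policy because only managed policies can be detached.

```shell
#!/bin/sh
# Added example (not from the original page): delete an IAM group with the
# AWS CLI in the order the steps above require. "Admin" in the usage line is
# the page's sample group name.
# Usage: sh delete-group.sh Admin

# The body runs in a subshell "( ... )" so its variables stay local and
# "exit 1" aborts only this function.
delete_iam_group() (
  group="$1"

  # 1. Remove all users from the group (get-group also lists its members).
  users=$(aws iam get-group --group-name "$group" \
    --query 'Users[].UserName' --output text) || exit 1
  for user in $users; do
    aws iam remove-user-from-group --group-name "$group" \
      --user-name "$user" || exit 1
    echo "removed user $user from $group"
  done

  # 2. Delete the inline policies embedded in the group.
  inline=$(aws iam list-group-policies --group-name "$group" \
    --query 'PolicyNames[]' --output text) || exit 1
  for policy in $inline; do
    aws iam delete-group-policy --group-name "$group" \
      --policy-name "$policy" || exit 1
    echo "deleted inline policy $policy"
  done

  # 3. Detach the managed policies attached to the group.
  managed=$(aws iam list-attached-group-policies --group-name "$group" \
    --query 'AttachedPolicies[].PolicyArn' --output text) || exit 1
  for arn in $managed; do
    aws iam detach-group-policy --group-name "$group" \
      --policy-arn "$arn" || exit 1
    echo "detached managed policy $arn"
  done

  # 4. Delete the group; IAM rejects this call while anything is attached.
  aws iam delete-group --group-name "$group" && echo "deleted group $group"
)

# Run only when a group name is given on the command line.
if [ -n "${1:-}" ]; then
  delete_iam_group "$1"
fi
```

The printed lines give a record of which users and policies the group held before it was deleted, which is worth keeping when the group granted administrator permissions.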
