Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we have discussed IAM policy.
In this blog post, we are going to discuss IAM Groups. We will also create our 1st IAM group.
An IAM group is a collection of IAM users. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users. For example, you could have a group called Admins and give that group the types of permissions that administrators typically need. Any user in that group automatically has the permissions that are assigned to the group. If a new user joins your organization and needs administrator privileges, you can assign the appropriate permissions by adding the user to that group. Similarly, if a person changes jobs in your organization, instead of editing that user’s permissions, you can remove him or her from the old groups and add him or her to the appropriate new groups.
- A group can contain many users, and a user can belong to multiple groups.
- Groups can’t be nested; they can contain only users, not other groups.
- There’s no default group that automatically includes all users in the AWS account. If you want to have a group like that, you need to create it and assign each new user to it.
- There’s a limit to the number of groups you can have, and a limit to how many groups a user can be in.
Next, we are going to create a group and add a user to it.
Step 1: Login to AWS console and navigate to IAM.
Step 2: Navigate to ‘Groups’ and click ‘Create New Group’.
Step 3: Provide a group name and click ‘Next Step’.
Step 4: Attach a group policy and click ‘Next Step’ and then click ‘Create Group’.
Step 5: To add a user into the group, select the group and from ‘Group Actions’ click ‘Add Users to Group’.
Step 6: Select the user and click ‘Add Users’.
IAM user debjeet successfully added to the group.
Hope you have enjoyed this article. In the next blog post, we will discuss IAM Roles.
To get more details on IAM, please refer below AWS documentation