Creating an IAM user

When you sign up for an AWS account, the email address and password you choose will be used to log in to the root account. Before you start to interact with AWS, it is a good idea to create an IAM user that you will use to interact with AWS. The advantage of this is that if you wish, you can give each IAM user as much or as little access as they need to AWS services. If you use the root account, you automatically have full access and have no way to manage or revoke privileges. Go through the following steps to set up the account:

1. Once you have logged into the AWS console, go to the Identity and Access Management dashboard by clicking on Services and typing IAM into the search box.
2. From the sidebar, choose Users to view the IAM users in your AWS account. If you have only just set up a new account, there won't be any users here yet—the root account doesn't count as a user.
3. Start the process of setting up a new user account by clicking on the Add user button at the top of the screen.

1. Start by choosing a username for your user. Check both boxes to enable Programmatic access (so you can use the command-line client) and AWS Management Console access so you can log into the web console, as shown in the preceding screenshot:

1. On the next screen, you can configure the permissions for your user. Choose Attach existing policies directly, then choose the AdministratorAccess policy, as shown in the following screenshot:

1. Review your settings, then click Create user:

1. Once your user has been created, take a note of the credentials. You will need the Access key ID and Secret access key shortly to configure the AWS command-line client. Also take a note of the console sign-in link, as this is unique to your AWS account, shown as follows:

1. Once you have set up an IAM user for yourself, log out of the root account in your browser and check that you can sign back in using your username and password.