Create a user with cli,create group, give s3

full access to group

Part A: Create a user
Part A.1: Create a new user specifying the name of the user, here the name is
User_Test_1. The information related to the user created will be displayed in JSON
format upon successful completion.
aws iam create-user --user-name User_Test_1
Part A.2: A new user will be listed in the Users tab under IAM.

Part B: Create a user group

Part B.1: Create a Group specifying the name of the group, here the name is
“Test_Grp_1”. The information related to the user group created will be displayed
in JSON format upon successful completion.
aws iam create-group --group-name “Test_Grp-1”
Part B.2: A new group will be listed in the User Groups tab under IAM.

Part C: Assign S3 Full Access to the group

 Step 1: Click on IAM in the services tab or recently visited window.
 Step 2: The IAM Dashboard will appear, Click on Policies on the left hand
side menu.

 Step 3: Under policies select the S3FullAccess policy and copy its ARN. The ARN will be used to
specify the policy of the group.
 Step 4: Attach Full S3 Access policy to group by specifying the ARN of the
policy and the name of the group through the CLI.

 The policy S3FullAccess is now part of permission policies of the group

named “Test_Grp_1”.
 Part D: Assign user to the newly created group
 Specify the name of the user and the name of the group as arguments to
the command.
aws iam add-user-to-group --group-name Test_Grp_1 --user-name
User_Test_1.

 Now the number of users of the “Test_Grp_1” will be increased to 1

from 0 earlier.
 Part E: Create Access Id and Access key from CLI
This Part describes how to use AWS Command Line Interface (AWS CLI)
commands to create an AWS Identity and Access Management (IAM) group
and a new user, and then add the user to the group.
 Step 1: Create an Access Key and keep the output format as json
An access key is a set of security credentials that consists of an access
key ID and a secret key.

 Step 2: Create a user using command.

aws iam create-user –user-name User1
Note: User name must not be same as existing user else it will give error.

 Step 3: After executing command you can check in user dashboard

User1 is created.
 Step 4: Create group using following command
aws iam create-group –group-name Group1
Note: group name must not be same as existing group else it will give
error.

 Step 5: After executing command you can check in user group

dashboard User1 is created.
  Step 6: Use the following command to attaching group policy to group.
aws iam attach-group-policy --group-name Group1 --policy-arn
arn:aws:iam::aws:policy/AmazonS3FullAccess

 Step 7: Use the following command to adding user to group.

aws iam add-user-to-group --group-name Group1 --user-name User1

 Step 8: Use the following command to create access key and Secret key
Note it down or save it and don’t disclose it anyone it is confidential .

aws iam create-access-key --user-name User1

 Part F: Delete Access Id and Access key from CLI
 Step 1: Use the following command to remove the user from group.
 Note: To delete the user first it must be removed from group it is mandatory
aws iam remove-user-from-group --group-name Group1 --user-name User1

Step 2: Use the following command to delete the access key by providing
Access key Id.
aws iam delete-access-key --user-name User1 --access-key-id "Access-
key***"
Note: Access key*** is which you noted

Step 3: Use the following command to delete the User.

aws iam delete-user --user-name User1.

Step 4: You can ensure in user that your user is deleted successfully.