티스토리 뷰

AWS

awscli IAM user & attach policy & make key & allow web console

fendys 2021. 9. 1. 13:47
반응형

User name : fendys_appl_user
account : fendys
policy :  AdministratorAccess

 

1. user make

aws iam create-user --user-name fendys_appl_user --tags Key=ticket,Value=ticket-1234 --profile fendys

 

2. user attach policy

aws iam attach-user-policy --policy-arn arn:aws:iam::aws:policy/AdministratorAccess --user-name fendys_appl_user --profile fendys

 

3. allow console 

aws iam create-login-profile --cli-input-json file://create-login-profile.json --profile fendys

### create-login-profile.json ###

{
    "UserName": "fendys_appl_user",
    "Password": "&1-3a6u:RA0djs",
    "PasswordResetRequired": true
}

 

4. make accesskey

aws iam create-access-key --user-name fendys_appl_user --profile fendys

output -> 해당 내용 복사 및 저장해서 유저에게 전달 또는 직접 사용한다.
{
    "AccessKey": {
        "UserName": "fendys_appl_user",
        "AccessKeyId": "AKIAXV7753DVLSIENDYA",
        "Status": "Active",
        "SecretAccessKey": "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",
        "CreateDate": "2021-08-27T07:47:57+00:00"
    }
}

 

5. 실패 시 삭제

1. aws iam detach-user-policy --user-name fendys_appl_user --policy-arn arn:aws:iam::aws:policy/AdministratorAccess  --profile fendys
2. aws iam delete-access-key --access-key-id AKIAXV7753DVLSIENDYA --user-name fendys_appl_user --profile fendys
3. aws iam delete-user --user-name fendys_appl_user --profile fendys
반응형

'AWS' 카테고리의 다른 글

Role aws efs acl set  (0) 2021.10.22
awscli command 자동 완성 설정  (0) 2021.09.01
awscli efs & policy  (0) 2021.09.01
awscli make s3 & role & policy  (0) 2021.09.01
awscli s3 cloudfront  (0) 2021.09.01