Create Users and Manage Permissions Using Groups and Policies in IAM

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab scenario, Alfredo of Alfredo’s Pizza has hired you as a security engineer for his web app that allows customers to order pizzas online. He’s ramped up his development team by hiring four new people. He needs our help with giving this team the proper access permissions. In order to provide access and ensure the proper security measures are in place, you will use AWS Identity & Access Management (IAM). You will group users and assign permissions for the developer group using policies.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a Customer-Managed Policy
  1. Navigate to IAM.
  2. In IAM Resources, click Users to view existing users.
  3. From the left dashboard menu, click Policies to create a new policy with developer access.
  4. Click Create policy.
  5. Click the Visual editor tab.
  6. Click *Import managed policy" and find "AWSLambda_FullAccess".
  7. Click import.
  8. Click Review policy.
  9. Remove EC2.
  10. Click Next:Tags
  11. Click Next: Review.
  12. Give the policy a name.
  13. Click Create Policy.
Create a Group Controlled via a Customer-Managed Policy
  1. From the left dashboard menu, select User Groups.
  2. Click Create group.
  3. Enter the group name "Developers" and then click Create Group.
  4. Attach the policy previously created.
Assign Users to the Group
  1. Select user groups.
  2. Click on group just created.
  3. Click Add users.
  4. Select the Users tab and click Add Users to Group.
  5. Select the four developers we want to add to the group and click Add Users.

Additional Resources

Please log in to the lab environment with the credentials provided. Make sure you are using the us-east-1 region throughout the lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?