Skip to content

IAM Hands onΒΆ

We can go to the AWS Console and navigate to the IAM service.

When we're starting, there is virtually nothing in our accounts:

Below there is a security status listed that tells what we can do to improve security.

  • So, we are going to:

    • Delete the ROOT access keys
    • Setup MFA for the root user
    • Create a new user

    • Manage groups

    Now we can go to the user davis and detach the permissions, since it's not directly manageable.

    • Setup IAM password policy

Now, the security should be set up.

The last step is to create an account alias for editing the sign-in link into their accounts.

Now we can log out of the root user and got to the admin account we created.

And it will then ask us for changing the password because of the password policy we set up.