Reputation: 5858
why I have no IAM user with my current logged user in AWS?
I am trying to do my first pipeline on AWS and find out might need some permissions.
So I went back to the guide again and found this step:
https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-provision-user.html
So I went to the IAM console
https://console.aws.amazon.com/iam/home#/users
and well, there is no a single user already there, at the guide it says
Create an IAM user or use one associated with your AWS account. For more information, see Creating an IAM User in IAM User Guide.
So I was expecting to have one for my account already, then my question is, why I need to create one and why I dont have one already? for my user?
Upvotes: 0
Views: 1104
Answers (1)
Reputation: 59896
You must be logged in as a root user?
- you do not have one because the root user has full permission and you are not supposed to be IAM user.
- You have to create one because IAM user has limited access that is why it is recommended to have IAM user with limited services that is required for user, so you can track the user or limit his access or remove the user if in case key compromised in some cases or terminate the user once job done,What if your root user compromised?
All AWS accounts have root user credentials (that is, the credentials of the account owner). These credentials allow full access to all resources in the account. You cannot use policies within your account to explicitly deny access to the root user. You can only use an AWS Organizations service control policy (SCP) to limit permissions to an account, including the root user, that is a member of an organization or organizational unit (OU). Because of this, we recommend that you delete your root user access keys and then create AWS Identity and Access Management (IAM) user credentials for everyday interaction with AWS.
Note:
- You may need AWS account root user access for specific tasks, such as changing an AWS support plan or closing your account. In these cases, sign in to the AWS Management Console with your email and password.
- Any activity or costs that are associated with the IAM user are billed to the AWS account owner.
Upvotes: 1
Related Questions
- AWS IAM error : 'Your authentication information is incorrect. Please try again'
- Could not access AWS through IAM user
- AWS: Find IAM user creator
- IAM user security credentials not reflected in AWS credentials file
- Newly created AWS member account is missing IAM role
- Login as IAM User using AWS SDK
- getting an error when trying to create IAM user with administrator access
- How do I log in to AWS Console with an IAM user account?
- IAM user created from cli not showing up in AWS console
- Can't see IAM user instances in AWS