|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
To set up a group, you need to create the group and then give it permissions based on the type of work you expect the users in the group to do.
For information about the permissions that you need in order to create a group, see Permissions for Administering IAM Users, Groups, and Credentials.
For an example of how to set up a group, go to the Getting Started.
To give a group permissions, you attach a policy to the group as described in the following procedure. For information about permissions and policies, see Permissions and Policies.
To attach a policy to a group
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
In the navigation pane, select Groups.
Under Group Name, select the group that you want to attach a policy to.
Select the Permissions tab, and then click Attach Policy.
Choose the method for creating the policy document by clicking one of the following: Select Policy Template, Policy Generator, or Custom Policy. Then click Select.
How you complete the next step depends on the method you selected to create the policy.
If you are using a template to create the policy, review the policy content in the dialog box, then click Apply Policy.
If you are using the policy generator, select the appropriate Effect, AWS Service, and Actions options, enter the ARN (if applicable), and add any conditions you want to include. Then click Add Statement. You can add as many statements as you want to the policy.
When you are finished adding statements, click Continue. Review the generated output, then click Apply Policy.
If you are using a custom policy, enter a name for the policy under Policy Name and write the policy or paste the policy document from your text editor into the Policy Document box. When you are finished, click Apply Policy.
IAM applies the policy to the group.
There are limitations on policy names and on policy size. For information about policy limitations, see Limitations on IAM Entities.